Hello, I would like to setup the security on a Zope server such that a user can edit permissions on something they own, but not grant more permissions than what they have acquired from the parent. If a user owns a folder they could grant "Owner" any permissions they want inside of that folder (Assuming they have the "Change permission" permission). Is there a way to limit which permissions a user can change? I would like to be able to delegate permissions. Such that if a user creates a folder they can grant other roles permissions up to the permissions they have acquired from the parent folder. Is this possible? I don't want that user to be able to grant themselves additional permissions. Thanks, -Brian Brinegar
brian.r.brinegar.1 writes:
I would like to setup the security on a Zope server such that a user can edit permissions on something they own, but not grant more permissions than what they have acquired from the parent. This is not covered by the current security framework.
But, surely, you can implement it, if you are ready to make some compromises. E.g. it will be somewhat difficult, to automatically revoke permissions granted by a user, when his own permissions are later restricted. Your task is non-trivial... Dieter
participants (2)
-
brian.r.brinegar.1 -
Dieter Maurer