-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David wrote:
Is it true that even though a user Role like 'author' is defined at zope root that users defined lower in the hierarchy *also* with role 'author' cannot access objects at root with role 'author' and permissions of view and access? The online zope book seems to say so. If so, couldn't we have some extra attribute to a role like "upwardly mobile"? (I want to share a code base for several folders sub-folders and I do not wanta to give it anonymous access).
The "scope" of a user's roles is limited to the folder containing her user folder. The usual way to accomplish what you are asking for is to have a single user folder at the highest scope which needs protecting, and hav it grant users a role (you might even use 'Authenticated') which you use to protect the shared resources. You would then grant them *local* roles on the subfolders, giving them more access. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD7Jdn+gerLs4ltQ4RAqeNAKCTPYdS61XRIqXpNRC//p0vyqJVAQCfV0Tr OX6edHZz3TSsDITtETExXQE= =w5qj -----END PGP SIGNATURE-----