David Kankiewicz wrote:
Problem is, I'd also *like* to copy or clone a index_html page into the user's new folder.
What you want is under the Proxy management tab.
setup a role, in the "security" tab, that as "View management screens" and goto the proxy tab in the method or document and select the role you created, press "change".
Good idea, but it doesn't seem to work. I set the method to have a proxy role of Manager (should work for sure, then I'll narrow it down later). But it fails with a permission error on the paste part of a clone operation. I looked in CopySupport (again) as it's failing in _verifyObjectPaste(self, ob, REQUEST). Here's the salient bit: if hasattr(meth, '__roles__'): roles=meth.__roles__ user=REQUEST.get('AUTHENTICATED_USER', None) if (not hasattr(user, 'has_role') or not user.has_role(roles, self)): raise 'Unauthorized', ( """You are not authorized to perform this operation.""" ) return ...which, to my very untrained eye, suggests that your approach would work provided the user in question has one of the roles associated with the method. Which would be fine, but how would I assign a role to an anonymous user? If I can't do that, I'm back to "there should be a seperate permission"