By "use local roles", you mean do it manually, through the web ui? I don't see how I could create a local role from code either, since none of my objects have been created yet. Thanks, -Randy ----- Original Message ----- From: "Chris McDonough" <chrism@digicool.com> To: "Randall Kern" <randy@teamkern.net>; <zope@zope.org> Sent: Wednesday, November 29, 2000 7:09 PM Subject: Re: [Zope] adding roles to Zope in Product.initialize()
No... the stock answer is "use local roles". I had a proposal up to create an interface for programmatically adding roles on dev.zope.org but it's quite dead. The thought behind this is that actual roles are reserved for administrator usage, not developer usage. Which leaves us in sort of this weird state that I'm not completely comfortable with, but don't have time to argue. :-)
----- Original Message ----- From: Randall Kern To: zope@zope.org Sent: Wednesday, November 29, 2000 9:12 PM Subject: [Zope] adding roles to Zope in Product.initialize()
I wish to restrict the creation of a class (SpokeSite) to people with the "Add Spoke Site" permission, and in turn only provide that permission to people in the 'Super-manager' Role.
When I call ProductContext.registerClass for my SpokeSite class, I can pass the permission argument with the tuple ('Add Spoke Site', 'Super-manager'), which does a good job of limiting the availability of my class (just as I desire).
However, I would like my Product to automatically create the 'Super-manager' Role, if it doesn't exists. The bad part is that this role needs to be added before any of my objects exist, which makes it hard...
I've got it *working* by cheating, and using the private __app attribute of the ProductContext. Is there a better way for python Products to alter the Zope installation (add Roles, create Folders, etc.) during installation?
Thanks! -Randy