At 02:09 PM 2/18/00 -0700, Bill Anderson wrote:
James W. Howe wrote:
<concern about visibility of objects for which the current user has no authority>
If I understand you correctly, you should just need to create zclasses for the objects (or do ti in python, if you prefer) 'issues', 'classifieds', etc., and assign different permissions. For example, the ClassifiedAd Objects would look for a role of "ClassifiedManager" or something like that, and only the person managing the ads has that role, so they can modify.
Then you just test for the role when displaying the content. If the person has the correct role (eg. ClassifiedManger), he can see the Content (eg. Classified Ads). ROles can do this with ease, if IUYC. =
I'm sort of using that approach. However, my ZClass instances are contained in a top level folder. When a user authenticates as an "ad manager" to the "folder/manage" method, this user will not only see folders which contain classified ads but folders containing issue information (I have ZClasses for IssueFolder and AdFolder, for example). What I want to have happen is if the authenticated user is an ad manager, they see only the objects which have a viewable permission for the users role. I don't want the user to see the object. As far as the user is concerned, these objects don't even exist. I can think of ways to do this, but they all involve more work than I would like to do, particularly if I'm just not understanding some capability of Zope. Thanks. James W. Howe mailto:jwh@allencreek.com Allen Creek Software, Inc. pgpkey: http://ic.net/~jwh/pgpkey.html Ann Arbor, MI 48103