Dave Case wrote at 2005-10-26 15:32 -0700:
I'm trying to build a product through the ZMI (like the example in The Zope Book), I have some DTML methods in a ZClass were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product.
What does that mean? Do you see the corresponding "Permission" object in your product?
... When I look around in the Permissions and Define Permissions of the various objects (both the ZClass, and the DTML methods), I don't see my permission in the lists, except for under 'Class Permissions' in the Permissions tab for the ZClass (were I have highlighted it, which I assume is correct?)
The call to SecurityCheckPermission() looks like this...
<dtml-if expr="_.SecurityCheckPermission('Manage Diary',this())">
Do you get any errors (full error information is always vital when you report problems; in case of "Error"s, this includes at least "Error type", "Error value" and the traceback!). But, I suppose that you misunderstand how permissions work (in general and with ZClasses in particular). "SecurityCheckPermission(P,o)" will only return true when the current user has permission "P" on object "o". The "user -> role" and "role -> permission" mapping determine this fact. Thus, unless you adapted a "role -> permission" mapping, only the Zope "Manager" will have this permission (by default). A ZClass combines some objects whose methods are protected by specific permissions. You may want to change these permissions for your ZClass components. Therefore, you can define permissions ("Define permissions" tab) available for this purpose. Then, in your specific object, you can use the "Permission mapping" tab to map the objects permissions to some of your own. -- Dieter