Zope security isn't exactly clear to me - could someone help out my working me through this example:
I have a Users folder, and inside this folder I want to create users and for every user a folder, with just enough rights to create homepages. Furthermore, say that I have a set of users I trust a bit more that can also create Confera topics on their homepages.
1. Create two roles: (eg.) SiteUsers and SitePowerUsers. 2. For your Users folder, go to the Security tab and give appropriate permissions to these roles; for example, you'll want full DTML access to SiteUsers and SitePowerUsers, but Confera permissions only to SitePowerUsers. 3. Go to each and every home folder (eg., Users/Bob), click on the Security tab, select Local Roles, and assign the SiteUsers role to the user or users who should own this folder. For power users, add the SitePowerUsers as well. You might want to build a ZClass or External Method combo to ease this process (eg., a form which lets you add new home folders).
BTW: is there a way to log out from the management environment so you can connect as a user with less privileges for testing purposes?
That's browser-specific -- Zope's management interface does not do persistent logins. Just open a new browser instance. In IE 5.0, just open a new window. -- Alexander Staubo http://www.mop.no/~alex/ "He could open a tin of sardines with his teeth, strike a Swan Vestas on his chin, rope steers, drive a steam locomotive and hum all the works of Gilbert and Sullivan without becoming confused or breaking down in tears." --Robert Rankin, _The Book of Ultimate Truths_