Mark McEahern wrote:
[Andy McKay]
Erm actually a different question. Take a look at http://www.zope.org/Members/4am/FolderFilter for example.
I installed this and had a quick glance at it. My impression is that it is designed to reduce visual clutter, not necessarily to restrict what types of things can show up in a Folder--true? That is (and I'm very much a Zope newbie, so I'm sure I won't express this as clearly as it could be expressed) suppose I define a filter to hide VirtualHostMonster. I then apply that to the Virtual Hosts folder:
/Root/Virtual Hosts/ site1/ site2/
Well, what's to prevent the owner (manager?) of site1 from removing that filter? The only filter related permission I saw was "Add Folder Filter Holder." Not anything like, "Set/Remove Filter."
And even if the owner/manager of site1 couldn't remove the filter, wouldn't they still be able to do something like:
manage_addProduct('VirtualHostMonster')
(from a Python Script?)
Mark, you can't do that on a per "site" basis, but you can do it on a per folder&user basis. Zope has quite fine grained ACL (so to say). Add acl_user folders in your site folders: /Root/ site1/ /acl_users site2/ /acl_user On the security tab of the site folders, add a new group. Give this group all the rights you want to give them (never give add Users (User Folder) rights unless you want users being able to create their own Manager Accounts) Now give the users on that site an account of the group you created and you're ready. Btw. the AddList adapts because it shows only products you're allowed to add. HTH, oliver