on or about, Thursday, January 02, 2003, we have reason to believe that Matthew Russell wrote something along the lines of :
We have an existing system, where each of our customers (companys) gets a new subfolder of our site: e.g http://url:8080/customers/companyA ... However, say i want each company to call a method : getFinancialRecords(company, username) So I am thinking, is it possible to include my Product 'X' (that has the getFinancialRecords method) in the "customers" folder and still preservce security and access levels? ... Is there a better way that can i allow different levels of access to getFinancialRecords for different users of company 'A' for example?
if you start out with just an External Method , you could get a lot done with little work. external methods get passed 'self' by magic, so you could call it like this : <p tal:content="here/getFinancialRecords" /> in your pagetemplate. your external method could look something like this.. def getFinancialRecords(self): from AccessControl import getSecurityManager sec_mgr = getSecurityManager() if sec_mgr.checkPermission('View management screens', self): # the current user has permissions to view management screens on # the current object, thus he should get the fincancial data company = self.company # assumes company to ba a property of each company's folder Whatever code fetches the actual data return data else: return "You do not have permissions to see financial data for this company" :) -- Geir Bækholt geir@funcom.com Tools/HCI-developer Tools/Billing - Product Operations Funcom Oslo