At 01:18 AM 7/26/99 +0200, Alexander Staubo wrote:
It turns out -- and until I hear anything else, I chalk this up as a bug -- that if you rescind all permissions from the "Manager" role, Zope will behave like described below. Try it -- it's weird.
The issue is that as of Zope 2, the management screens are tailored to match your permissions. If you don't have permissions for the method that produces a management screen, it won't be shown to you. The available management tabs are trimmed to match what you are authorized to do. Therefore if there are say 5 management tabs on a given object and you only have permissions to see one of them, 'View', then that's what you'll get back from 'manage_workspace'. So clicking on an object in the management screen would show you 'index_html' in this case. Also the product add list will now not display objects that you don't have adequate permissions to create.
The behaviour is slightly different under beta 1, but still not correct. If I login as the "superuser", theoretically I should have unlimited access, correct?
Right. If you log in as the superuser but still see restricted management screens this is a bug. If this is the case and you haven't already filed it in the Collector, please do so. Thanks, and sorry for the confusion. -Amos