On 10/18/05, Chris Crownhart <chris@shiftzz.com> wrote:
Good day,
I am wondering if/how I could control the permissions on an object based on the value of an attribute.
So, as an example, I have multiple users, and multiple values for the category field. I would like User A to access the object if the category ='financial', and User B access the object if the category='other'.
If, as Mark asked, different users with different access privileges have different roles, then how about writing a condition (TALES expression) for the View action of your content type? Something along the lines of python: member and (member.has_role('Accountant') and context.category=='financial') or (member.has_role('Editor') and context.category=='other') Don't quote me on the exact expression, though, you should test that. Rob