On Wednesday 21 May 2003 16:36, Thierry FLORAC wrote:
Hi,
I use LDAPUserFolder on my Zope (2.6.1) site. I have a context where I give local roles to users, and I have to know if a local role is given to a user (without inheritance, so I just use the 'get_local_roles_for_userid' function). OK for this !
My problem is that I also want to be able to use LDAPUserSatellite to grant a local role to a group of LDAP users. Granting the role is OK in terms of Zope permissions, but is there any way to know if a user has a local role on an object, given throught this mapping (and only throught this mapping) ??
Hi, For those of you which could be interested by the answer to this little problem, I found a solution : to check if the current user have a given role on an object, I use (with user=getSecurityManager().getUser() and rolename=name of the requested role) : return (rolename in object.get_local_roles_for_userid (user.getUserName())) \ or (rolename in object.acl_satellite.getAdditionalRoles (user))) The only (little) problem is that getAdditionalRoles is a private function of LDAPUserSatellite, and so can only be used in a Zope python product (at least, not in DTML or throught acquisition) Any other comment will be welcome... Thierry -- Linux every day, keeps Dr Watson away... http://gpc.sourceforge.net -- http://www.ulthar.net