(This was my reply. I forgot to add zope@zope.org to cc, so I'm now forwarding it. Sorry for the confusion... I'm new to the list.) Le Mercredi 21 Février 2001 18:58, vous avez écrit :
On Thursday 22 February 2001 07:44, Jérôme Loisel wrote:
I am somewhat unable to check whether or not the user has manager access to some object object. The following does not work as expected:
<dtml-if "AUTHENTICATED_USER.has_role('Manager', _.getitem('.news'))"> <P>Blah.</P> </dtml-if>
Instead of getting a true result if the user has manager acces to the .news item (a folder), I get a true result if the user has manager access to his context.
Have you checked what parameters AUTHENTICATED_USER.has_role() accepts? (try looking in the ZQR). AFAIK, it only accepts a list of role names, no objects, and can only tell you if the user has that role, as specified in the acl_users folder.
After more digging around, I finally found it. Read on if interested. (Or skip to the next section, I had another question.) My problem was this: I have a .news folder. I selectively grant manager access to that folder for some users. When such a user browses the site, any part of the site, he should see an "Add a news item" button appear. So I needed to check whether or not the user has manager acces _to the .news folder_. <quote src="zqr"> has_role(roles, [object]) Check to see if a has a given role or roles. </quote> I can see that calling has_role(roles) works as expected. Sadly, calling has_role(roles, object) does not seem to yield a different behavior. And that behavior is what I was looking for. However... <quote src="zope_help_system"> hasRole(object, roles): Return a value that is true if the user has the given roles on the given object and return false otherwise. Permission - Always available </quote> At first I did not even notice that this is a different function altogether. Silly me. Calling the following works. <dtml-with .news> <dtml-if "AUTHENTICATED_USER.hasRole('Manager')"> Blah. </dtml-if> </dtml-with So you did in fact point me in the right direction... You told me to go re-read the docs. :-)
[...]
Related question: How do I access AUTHENTICATED_USER from Python?
self.AUTHENTICATED_USER works for me.
Hmmm. I was not clear enough. I meant from PythonScript objects. context.AUTHENTICATED_USER does not work for me. I get no better results with container (obviously) or namespace (bound properly, of course). Thank you very much for your help. Cheers, Jérôme Loisel -- Jérôme Loisel Lévinux: GNU/Linux dans les communautés à Lévis ------------------------------------------------------- -- Jérôme Loisel Lévinux: GNU/Linux dans les communautés à Lévis