Tone, Knowing something of how you do things in Newcastle, I'd hazard a guess that these 1200 users etc are already in a corporate DB, yes? If so then the easy way is to create the folders as you suggest, then create an external method which does selects on the db and sets local roles on the folders as you need them. Something along the lines of (untested): def setLocalRoles(self, deptid=None): res=self.theSelectQueryForDepts(deptid) theFolderWeWant=getattr(self,deptid,None) for r in res: theFolderWeWant.manage_setLocalRoles(r[0],['Manager']) The critical lines are the all the ones in the above procedure ;) But basically setting the local roles will give the people found local management rights, or you could create another role and give them that. The r[0] bit will need to be changed to pull back the correct field from your sql query. hth Phil phil.harris@zope.co.uk ----- Original Message ----- From: "Tony McDonald" <tony.mcdonald@ncl.ac.uk> To: "Zope mailing list" <zope@zope.org> Sent: Wednesday, May 30, 2001 7:09 AM Subject: [Zope] Authenticated Users and lots of folders
Hi all, I need the Zen of the list here, before I go off and implement something weird wild and wacky.
I have a lot of authenticated users (1200 staff, 14000 students). The staff are associated with a department. There are 85 departments, each with a code (eg 1550 = Medical Faculty) I want all authenticated staff to be able to add entries to a database. I want some staff to be able to act as 'Editors', that is, allow the database entries to be displayed.
Thing is I *don't* want staff from dept 'a' to be able to act as editors for dept 'b'.
We currently use UserDB to do our cookie based authentication.
My first thought was to create 85 folders, with ids '1550', '1099' etc and install a UserDB into each one of them. Each one of the folders has a property 'dept', that is the value of the dept code (eg 1550). I then do a ZSQL query something like
Select username, password, roles, domains from password, dept_code from departments where username = <dtml-sqlvar username type=string> and dept_code = <dtml-sqlvar dept type=string>
Does this sound sensible to people? Does anyone have a better idea! :)
(please don't say I need to use CMF - I'm tracking that list, but I can't figure out how to extract the various parts of CMF (reviewers etc) to use in my situation). TIA Tone -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )