This looks interesting to say the least, perhaps you could put it in the collector and someone might look at it some time? Chris Joseph Kocherhans wrote:
Well I've solved it for now. It smells hackish, but it seems to work well, and it's simple. At least I didn't have to patch any ZServer code ;)
I created a new Exception class:
from OFS.ObjectManager import BeforeDeleteException class Unauthorized(BeforeDeleteException): pass
and the raised this new Unauthorized exception in manage_beforeDelete if the permission check fails:
user = getSecurityManager().getUser() if not user.has_permission(DeleteFiles, self): raise Unauthorized
This gives me the pretty "Insufficient Privileges" error in Plone and a "530 Unauthorized" error via FTP if I'm not allowed to delete the file. It also seems to abort the transaction if I'm trying to delete multiple files TTW, which is exactly what I wanted. FTP deletetion will go ahead for any allowed files since it carries out deletions one at a time. Somehow I doubt that all FTP clients handle folder deletion in the same way, so we'll see how that pans out.
-- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk