On Fri, 2004-05-07 at 13:29, Dieter Maurer wrote:
Andy Altepeter wrote at 2004-5-7 10:59 -0500:
I have a zope folder that contains multiple documents. Users order a document to be created by our communications office. That office then uploads that word document (not through ZMI). I want users to have access to ONLY those documents they have ordered. And all this needs to be done programmatically and not through ZMI. ... Is there another way to do this?
Yes.
Protect your documents by a permission granted only to priviledge roles. This will prevent normal users to access them directly.
Is changing the 'View' permission on the container to: (Manager,<local priv role>) sufficient?
Provide an access service though a PythonScript. You can use the "sub_traversal" feature of "PythonScripts" to do this easily. Give this (or these) scripts a proxy role (see Zope book, for details) such that they have the necessary priviledge to access the documents.
Wow. That is such a slick pattern, and SO easy to setup. Many Thanks Dieter! Andy