Eric Vautour wrote:
Hello all,
I have a stumper here. I am using the following code to determine the permissions of users
from AccessControl import getSecurityManager user = getSecurityManager().getUser() if user.has_permission('Change DTML Documents', ob):
This piece of code appears to detect appropriate permissions if the user is set up in an acl_users folder however, this piece of code does not appear to work at the "local role" level. That is to say that if I give "Jo" permissions to change the "index_html" document, the above code does not see "Jo" as having permissions to do so.
Is there any way to detect the permissions at the local role level?
Eric
Hello Eric, Local roles often slip through the usually used role- and permission checkings. I can't give you a direct answer to your question quickly (without searching myself). However I can tell you, how to check for roles in a certain context that way, that you get also the local roles. This might give you a starting point. I use local roles in one of our intranet sites to give users the ability to let other users edit their personal wiki pages (if they are in the mood, to do so). And I show in a sidebar, who has which roles (including specifically set local roles) in a certain place or on a certain document. For showing the roles of the currently authenticated user, I use the following DTML in my sidebar: <dtml-var expr="AUTHENTICATED_USER.getRolesInContext(this())"> (where I have to admit, that *AUTHENTICATED_USER* is not recommendable; use instead your *getSecurityManager().getUser()*, it's better). Instead of saying *getRolesInContext(this())*, you can also give a certain object, which you want examine and use something like *getRolesInContext(object)*. Maybe, this helps you a little further. Regards, --- Flynt