Sorry for all the questions. How do you override this setting? I have other users in this IP address range that I want to be able to login to other accounts. I noticed I can't logout of this account. Andrew R. Halko -----Original Message----- From: Dieter Maurer [mailto:dieter@handshake.de] Sent: Saturday, May 31, 2003 5:20 AM To: Andrew R. Halko Cc: Zope@zope.org Subject: RE: [Zope] FW: Change roles with python Andrew R. Halko wrote at 2003-5-29 15:21 -0400:
Well I want to give users with a certain IP range access to objects that regular visitors are not. I have a very large organization and I want everyone in the organization to be able to view certain content and they all will be within an IP range. Then I have another level of content that a user must login to view. Asking hundreds of people to register and also administrate them is nightmare/impossible.
The built-in UserFolder has such a feature: When you define a user with empty password and domain restriction, then requests coming from this domain are associated with this user provided it provides the required roles. This feature is now disabled by default but can be enabled on an instance base (look at the code, for details: --> "AccessControl/User.py").
So I set up two Roles Intranet User and Internal User. My objects have a state associated with them which is also associated to the various roles. Now I would like to use an access rule to check the users IP address and then set the role for them to be an Intranet User.
This will not work (easily): Roles are managed by the User object. A User object is only created after traversal finished, there is not yet a User object when AccessRules are executed. Dieter