----- Original Message ----- From: Alexander Staubo <alex@mop.no> To: Zope Mailing List (E-mail) <zope@zope.org>; <cg@cdegroot.com> Sent: Tuesday, July 13, 1999 10:46 PM Subject: RE: [Zope] Question: user homepages
Zope security isn't exactly clear to me - could someone help out my working me through this example:
I have a Users folder, and inside this folder I want to create users and for every user a folder, with just enough rights to create homepages. Furthermore, say that I have a set of users I trust a bit more that can also create Confera topics on their homepages.
1. Create two roles: (eg.) SiteUsers and SitePowerUsers.
2. For your Users folder, go to the Security tab and give appropriate permissions to these roles; for example, you'll want full DTML access to SiteUsers and SitePowerUsers, but Confera permissions only to SitePowerUsers.
3. Go to each and every home folder (eg., Users/Bob), click on the Security tab, select Local Roles, and assign the SiteUsers role to the user or users who should own this folder. For power users, add the SitePowerUsers as well.
You might want to build a ZClass or External Method combo to ease this process (eg., a form which lets you add new home folders).
BTW: is there a way to log out from the management environment so you can connect as a user with less privileges for testing purposes?
That's browser-specific -- Zope's management interface does not do persistent logins. Just open a new browser instance. In IE 5.0, just open a new window.
Couldn't you just raise Unauthorized, that should then reset the security and allow you to login again. e.g. <!--#raise Unauthorized--> <!--#/raise--> This works with PHP3 for instance but I've not tried it with Zope (yet). HTH Phil phil@philh.org