On Sat, 2 Oct 2004 19:18:37 +0100, Jens Vagelpohl <jens@dataflake.org> wrote: *snip*
Is there a certain ``id`` that the satellite must have in order to be effective? Right now, with logging on 9, nothing shows up in the log besides the two lines at the end of this message, as if the satellite is being bypassed entirely when authentication happens.
Or is there a certain structure that I am not following, i.e. the satellite is sitting inside the actual folders for which I want to give augmented roles. Is this the proper setup?
Yes, this is the proper setup. It is important to note that the LDAPUserSatellite only works in conjunction with a LDAPUserFolder, the link here is the kind of user object emitted by the LDAPUserFolder. Only a user object of class LDAPUser has a specialized "allowed" method that tries to find and use LDAPUserSatellite objects to augment its roles on a per-request basis.
I took a look at the source and it seems straightforward enough. When I did a little introspection, I found something that might be a problem. I created an external method to report the type of the current user object (needed to be an external method for ``type``), and for both kinds of users, standard (i.e. admin in the default user folder), and authenticated out of LDAP, I got:: <extension class Acquisition.ImplicitAcquirerWrapper at 40796180> so it appears that the users aren't gaining roles because the ``allowed`` method of LDAPUser isn't getting called. Could this have something to do with it, or am I way off base? -- Chris Connett