Fernstrom, Christer writes:
1) I want the same *authenticated user* to have different permissions at different parts of my server. Are local roles the best way to handle this? Yes
2) How can I get hold of the local user roles? <dtml-var expr="AUTHENTICATED_USER.getRoles()"> only returns the global role associated with the authenticated user. The Online Documentation says: give the "getRoles" an object as argument, then it should return the roles relative to this object. But, the code says, it will not work. --> Collector
You can use "getRolesInContext"; unfortunately, this is undocumented --> Collector
3) Is there a way to retreive the permissions that the authenticated user has on a given object? You can use "has_permission" to test for a sepific permission. I do not know of a way to get a permission list.
4) I have observed that when a user has been authenticated at a deeper level in the folder hierarchy, then <dtml-var expr="AUTHENTICATED_USER.getUserName()"> on a higher level yields 'Anonymous User'. Bug or normal behaviour? It should be precisely this way.
Details in URL:http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html Dieter