Hello, can someone please explain to me (a Zope newby) why this fragment avaluates always to the KO branch ? <dtml-in get_valid_userids prefix="seq"> <dtml-if "seq_item == AUTHENTICATED_USER "> OK <dtml-else> KO item: <dtml-var AUTHENTICATED_USER><br> user: <dtml-var seq_item><br> </dtml-if> </dtml-in> thanks in advance !! peppo
AUTHENTICTED_USER is an object not a string, you probably want: <dtml-if "seq_item == AUTHENTICATED_USER.getUserName() "> or <dtml-if "seq_item == AUTHENTICATED_USER.getId() "> hth ----- Original Message ----- From: "Giuseppe Bonelli" <g.bonelli@pn.itnet.it> To: <zope@zope.org> Sent: Monday, August 13, 2001 1:25 PM Subject: [Zope] Help on syntax (please!)
Hello,
can someone please explain to me (a Zope newby) why this fragment avaluates always to the KO branch ?
<dtml-in get_valid_userids prefix="seq"> <dtml-if "seq_item == AUTHENTICATED_USER "> OK <dtml-else> KO item: <dtml-var AUTHENTICATED_USER><br> user: <dtml-var seq_item><br> </dtml-if> </dtml-in>
thanks in advance !!
peppo
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Hi Giuseppe, this is because AUTHENTICATED_USER looks like a string but isn't one. This is because python objects can define different views to their content. So if you just say <dtml-var AUTHENTICATED_USER> the DTML machinery looks if its callable, calls it or uses str() on it. What ever comes back is a string. But if you use it in an expression like you do below, its not a string and therefore you cannot compage it like this. You get the string of the Username by calling: AUTHENTICATED_USER.getUserName() But may be there is a better solution for the whole problem you want to solve. There is a security mechanism already built in into zope. The userfolder is not only a memory for user-ids :) Instead each user can be in one or more roles. These roles in turn cover various permissions. So instead of managing extra lists of what which user may be can do, let the security engine do its job. Define a permission for your task, assign it to a role and give each user you want this role. Cover the method (or folder) with this permission. If either someone with insufficient right tries to use the method (s)he gets the requester to authenticate or you can use ZopeFind (see thread with Dieter Maurer on this matter) to give out automatical navigation links based on the current users rights. HTH Tino Wildenhain PS: sorry to be a bit vague, but I'm unable to write a complete zope book into the mail ;) --On Montag, 13. August 2001 14:25 +0200 Giuseppe Bonelli <g.bonelli@pn.itnet.it> wrote:
Hello,
can someone please explain to me (a Zope newby) why this fragment avaluates always to the KO branch ?
<dtml-in get_valid_userids prefix="seq"> <dtml-if "seq_item == AUTHENTICATED_USER "> OK <dtml-else> KO item: <dtml-var AUTHENTICATED_USER><br> user: <dtml-var seq_item><br> </dtml-if> </dtml-in>
thanks in advance !!
peppo
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (3)
-
Giuseppe Bonelli -
Phil Harris -
Tino Wildenhain