prevent user aquisition with custom userfolder
hello all some problem with user and access stuff: iv'e written my own user and userfolder classes which work just fine, but i need a special behaviour: if a userfolder is defined in an objectmanger instance only those users defined in this specific userfolder should be valid in the context. the normal behaviour -- as you might now -- is to inherit the users from the parents it seems that this can not be done in the userfolder itself -- of course somewhere in the zope machinery ther must be some aq_parent stuff when authorizing a user to a specific context has anybody got an idea where i can subclass something and override the dependent methods? thanks in advance, bernd
zope-mailinglist wrote:
has anybody got an idea where i can subclass something and override the dependent methods?
It's pretty deeply ingrained and I think you'll have a hard time customising it to meet your needs. cheers, Chris
Chris Withers wrote:
zope-mailinglist wrote:
has anybody got an idea where i can subclass something and override the dependent methods?
It's pretty deeply ingrained and I think you'll have a hard time customising it to meet your needs.
cheers,
Chris
for the posterity ... finally i found a solution its sufficient to return a user with only the anonymous role like this: from AccessControl.User import SpecialUser ... def getUser(self,id): user = self._ps.get(id) if not user: user = SpecialUser(id,'',('Anonymous',), []) return user cheers, bernd
zope-mailinglist writes:
... it seems that this can not be done in the userfolder itself -- of course It can, quite easily.
Usually, a UserFolder returns "None" when it cannot validate the user, *unless* it is the top level UserFolder. The top level user folder returns the "Anonymous User", in this case. The "None" tells ZPublisher that the use is not yet recognized and that it must look further up. As you see, your UserFolder just needs to return the "Annonymous User" object when it cannot validate. HOWEVER, be very careful! It is extremely easy to block your site managers (usually defined in the top level UserFolder) from entering the subhierarchy under control of your specialized UserFolder. As soon as you create one (it will probably be empty), only the Emergency User can do anything in this subhierarchy (until it created new Managers in this UserFolder)! Dieter
participants (3)
-
Chris Withers -
Dieter Maurer -
zope-mailinglist