RE: [Zope] Security question...
Thanks Hans... It's nearly what I want...except the report will still be visible on the previous menu - I guess the user would be able to click on it, but they would be redirected to another page. It's a bit dirty - I wish there was a better option! I'll keep fiddling :) P -----Original Message----- From: H.de.Wit@SFK.NL [mailto:H.de.Wit@SFK.NL] Sent: Tuesday, 28 January 2003 7:56 PM To: Peter Skipworth; zope@zope.org Subject: Re: [Zope] Security question... It is a little cheap, but this should work: You can exclude the two users (it is 1 report, isn't?) by adding a call to a pythonscript to your report. content of the pythonscript something like this: from AccessControl import getSecurityManager user = getSecurityManager().getUser() if user=="George" or name=="Saddam": target='www.friendsforever.org' RESPONSE.redirect(target) return # i don't know why, but this return seems to be necessary. Hans de Wit Stichting Farmaceutische Kengetallen Postbus 30460 2500 GL DEN HAAG Tel. 070-3737448 Fax 070-3737445 |---------+---------------------------> | | pskipwort@touchc| | | orp.com | | | Sent by: | | | zope-admin@zope.| | | org | | | | | | | | | 28-01-2003 05:36| | | | |---------+--------------------------->
-----------------------------------------------------------------------
---| | | | To: zope@zope.org | | cc: | | Subject: [Zope] Security question... |
-----------------------------------------------------------------------
---| I thought this might be in the FAQ, but can't seem to find it in there... I have a particular report which I want "Everyone with Role 'A' to be able to View except for users U1 and U2' I do not want to remove U1 and U2 from Role A globally - is there an easy of of locally removing 'View' permission for 2 specific users, and retain View permissions for other users sharing the role ? Thanks, P PETER SKIPWORTH SYSTEM ADMINISTRATOR TOUCHCORP LTD TELEPHONE 03 9635 2626 www.touchcorp.com _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Can't you hide or show the "previous menu" based on something like: <dtml-unless "SecurityGetUser() .getUserName() in ignoreUserList"> put up that report option ... </dtml-unless> note: ignoreUserList is a list like: ['george','harry'] Then users in the ignoreUserList will never see the menu option. Simple, but I've used this approach in my projects. David ----- Original Message ----- From: <pskipwort@touchcorp.com> To: <H.de.Wit@SFK.NL>; <zope@zope.org> Sent: Tuesday, January 28, 2003 3:11 PM Subject: RE: [Zope] Security question...
Thanks Hans...
It's nearly what I want...except the report will still be visible on the previous menu - I guess the user would be able to click on it, but they would be redirected to another page. It's a bit dirty - I wish there was a better option! I'll keep fiddling :)
P
-----Original Message----- From: H.de.Wit@SFK.NL [mailto:H.de.Wit@SFK.NL] Sent: Tuesday, 28 January 2003 7:56 PM To: Peter Skipworth; zope@zope.org Subject: Re: [Zope] Security question...
It is a little cheap, but this should work: You can exclude the two users (it is 1 report, isn't?) by adding a call to a pythonscript to your report. content of the pythonscript something like this:
from AccessControl import getSecurityManager user = getSecurityManager().getUser() if user=="George" or name=="Saddam": target='www.friendsforever.org' RESPONSE.redirect(target) return # i don't know why, but this return seems to be necessary.
Hans de Wit Stichting Farmaceutische Kengetallen Postbus 30460 2500 GL DEN HAAG Tel. 070-3737448 Fax 070-3737445
|---------+---------------------------> | | pskipwort@touchc| | | orp.com | | | Sent by: | | | zope-admin@zope.| | | org | | | | | | | | | 28-01-2003 05:36| | | | |---------+--------------------------->
-----------------------------------------------------------------------
---| |
| | To: zope@zope.org
| | cc:
| | Subject: [Zope] Security question...
|
-----------------------------------------------------------------------
---|
I thought this might be in the FAQ, but can't seem to find it in there...
I have a particular report which I want "Everyone with Role 'A' to be able to View except for users U1 and U2'
I do not want to remove U1 and U2 from Role A globally - is there an easy of of locally removing 'View' permission for 2 specific users, and retain View permissions for other users sharing the role ?
Thanks,
P
PETER SKIPWORTH SYSTEM ADMINISTRATOR TOUCHCORP LTD TELEPHONE 03 9635 2626 www.touchcorp.com
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
David Hassalevris -
pskipwortï¼ touchcorp.com