access rule and authentication
Hi, Python Script which is set as "Access Rule" for some Folder is execute before authentication is done. This way the following code won't work if context.portal_membership.getAuthenticatedUser().getId() == "admin": return "dog" return "cat" I will always get "cat". So does somebody know how to resolve it? Regards Krzychula
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Krzysztof Kubacki wrote:
Hi,
Python Script which is set as "Access Rule" for some Folder is execute before authentication is done. This way the following code won't work> if context.portal_membership.getAuthenticatedUser().getId() == "admin": return "dog" return "cat"
I will always get "cat". So does somebody know how to resolve it?
AcceseRules run during path traversal, before any authentication is done (Zope2 does "inside out" authentication starting at the "published" objectd). You might be able to force user validation to be attempted earlier, e.g. by calling 'validate' directly on the user folder. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDU/ka+gerLs4ltQ4RAtJtAKDYknRJMxX3kShfmQuEvs+UX0uYgwCeM2WR ygDsqyOWKuoWWiJgUVWlvSo= =3Pn+ -----END PGP SIGNATURE-----
Tres Seaver wrote:
AcceseRules run during path traversal, before any authentication is done (Zope2 does "inside out" authentication starting at the "published" objectd). You might be able to force user validation to be attempted earlier, e.g. by calling 'validate' directly on the user folder.
Didn't someone add a post-authentication hook for this kind of thing? cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chris Withers wrote:
Tres Seaver wrote:
AcceseRules run during path traversal, before any authentication is done (Zope2 does "inside out" authentication starting at the "published" objectd). You might be able to force user validation to be attempted earlier, e.g. by calling 'validate' directly on the user folder.
Didn't someone add a post-authentication hook for this kind of thing?
Yes, but it runs too late to help for all the use cases AccessRules address (like changing the publishing path). Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDVNAK+gerLs4ltQ4RAp28AKDZyoLYz2UemJtj8Jt7NMMxyv0nIwCggoEr pZf1i/CpHXoOI5geoWITcEI= =9qHV -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Krzysztof Kubacki wrote:
Hi,
Python Script which is set as "Access Rule" for some Folder is execute before authentication is done. This way the following code won't work> if context.portal_membership.getAuthenticatedUser().getId() == "admin": return "dog" return "cat"
I will always get "cat". So does somebody know how to resolve it?
AcceseRules run during path traversal, before any authentication is done (Zope2 does "inside out" authentication starting at the "published" objectd). You might be able to force user validation to be attempted earlier, e.g. by calling 'validate' directly on the user folder.
How do do it? Any code example? REQUEST = context.REQUEST user_obj = UserFolder() user = user_obj.validate(REQUEST) Does not work Regards KK
participants (3)
-
Chris Withers -
Krzysztof Kubacki -
Tres Seaver