Check Security Permissions for a User?
hello, I played with the following code in a dtml-method to check if a user has a certain permission (e.g. "Manage Properties"): <dtml-var "_.SecurityGetUser().has_permission('Manage Properties',this())"> This results in 1 if the User has the permission or None if not... everything is fine so far. But when I do check for a nonexisting permission, like: <dtml-var "_.SecurityGetUser().has_permission('Really Unknown PermisionXXX',this())"> the result would be 1 too... What is the reason for this SecurityPolicy? Why not an exception? Or 0? thank you for advice Maik Jablonski.
It looks strange to me too. Please report this in the Collector, http://collector.zope.org/Zope Florent Maik Jablonski <maik.jablonski@uni-bielefeld.de> wrote:
I played with the following code in a dtml-method to check if a user has a certain permission (e.g. "Manage Properties"):
<dtml-var "_.SecurityGetUser().has_permission('Manage Properties',this())">
This results in 1 if the User has the permission or None if not... everything is fine so far.
But when I do check for a nonexisting permission, like:
<dtml-var "_.SecurityGetUser().has_permission('Really Unknown PermisionXXX',this())">
the result would be 1 too... What is the reason for this SecurityPolicy? Why not an exception? Or 0?
thank you for advice
Maik Jablonski. -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 10 http://nuxeo.com mailto:fg@nuxeo.com
participants (2)
-
Florent Guillaume -
Maik Jablonski