RE: [Zope] How to distinguish between objects with and without ac cess restrictions
Hello again,
after a week or so without any zoping (bad days indeed ;-) I have another problem with an automatic folder list: I combine some sites in one Zope site and have on the top page a list of the available sites. It's just something like
<UL> <dtml-in "objectValues(['Folder'])"> <LI><A HREF="<dtml-var id>"><dtml-var title></A> </dtml-in> </UL>
Well, no problem ... except when there are (and there is) folders, that are not accessible to the public. Then you can only view the hole page with a password. One solution is to make this page a proxy for "manager" (and as far as I see is there no way to do it otherwise, right?).
Try this and let me know how it works: <dtml-in "objectValues(['Folder'])" skip_unauthorized> <LI><A HREF="<dtml-var id>"><dtml-var title></A> </dtml-in> Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
Brian Lloyd wrote:
Hello again,
after a week or so without any zoping (bad days indeed ;-) I have another problem with an automatic folder list: I combine some sites in one Zope site and have on the top page a list of the available sites. It's just something like
<UL> <dtml-in "objectValues(['Folder'])"> <LI><A HREF="<dtml-var id>"><dtml-var title></A> </dtml-in> </UL>
Well, no problem ... except when there are (and there is) folders, that are not accessible to the public. Then you can only view the hole page with a password. One solution is to make this page a proxy for "manager" (and as far as I see is there no way to do it otherwise, right?).
Try this and let me know how it works:
<dtml-in "objectValues(['Folder'])" skip_unauthorized> <LI><A HREF="<dtml-var id>"><dtml-var title></A> </dtml-in>
I think you misunderstand his question...he wants anonymous users in the top level folder to be able to run this code in viewing the top level folder so that they see both public and private sub-folders, because those anonymous users may also be users who have ids/passwords, but they may also be the non-users. When they access a private sub-folder only then should they be prompted for a password. I ran into this but never persued it. I think he needs to use proxy roles, but I never brushed up on that in the manual. It would also be useful, I think, if he could have some code to mark which folders require a password. Cheers... Bruce -- Bruce Elrick, Ph.D. Saltus Technology Consulting Group Personal: belrick@home.com IBM Certified Specialist Business: belrick@saltus.ab.ca ADSM, AIX Support, RS/6000 SP, HACMP
Bruce Elrick wrote: <...>
Try this and let me know how it works:
<dtml-in "objectValues(['Folder'])" skip_unauthorized> <LI><A HREF="<dtml-var id>"><dtml-var title></A> </dtml-in>
I think you misunderstand his question...he wants anonymous users in the top level folder to be able to run this code in viewing the top level folder so that they see both public and private sub-folders, because those anonymous users may also be users who have ids/passwords, but they may also be the non-users. When they access a private sub-folder only then should they be prompted for a password.
I ran into this but never persued it. I think he needs to use proxy roles, but I never brushed up on that in the manual. It would also be useful, I think, if he could have some code to mark which folders require a password.
Cheers... Bruce
Well, you are both right, because when I reviewed my question I recognized, that I was somehow ambiguous. 1) Using skip_unauthorized is definitly the easiest way and it works. 2) Getting knowledge about folders you are not authorized to look at works only defining this page as a proxy. Thanks Michael ======================================================================= Michael Gutmann M.A. | Universitaetsrechenzentrum | Heinrich-Heine-Universitaet Duesseldorf | Tel. : +49 211 81-11969 | e-mail: gutmann@uni-duesseldorf.de | This space is intentionally http://gutmann.rz.uni-duesseldorf.de/ | left blank. =======================================================================
participants (3)
-
Brian Lloyd -
Bruce Elrick -
Michael Gutmann