Hello, I am implementing a self registering form for new users to gain access to zope. Users should fill in some data and a python Script assigns them a password as well as domains and roles. Or what is the same , the script creates a new user. When testing the Python Script I was logged in as me with manager role so everything worked fine, but if someone with no previous login wants to create a user, he is prompted to provide a login and password. The problem is that they cannot access the acl_users folder (since they are no users and obviously the have no permissions) . What could I do to make this work? Thanks a lot in advance for your help, Belén This is the Script: import string from Products.PythonScripts.standard import html_quote request = container.REQUEST RESPONSE = request.RESPONSE if context.acl_users.getUser(request.form['name']): RESPONSE.redirect('/UserAlreadyExists') else: context.acl_users.manage_users('Add', context.REQUEST) context.confirmLoginByMail(request.form['name'], request.form ['email']) RESPONSE.redirect('/UserHasBeenAdded')
A real hack would be to write a python script (external method??) which uses urllib to poke your zope and basically submit the forms as if it was you doing this...(ie create your own posts as if you were the create user form posting to zope) Not sure how secure this would be? I have done it from a server process. There may be a better way though (fingers crossed) ChrisK belen@netcom.no wrote:
Hello,
I am implementing a self registering form for new users to gain access to zope. Users should fill in some data and a python Script assigns them a password as well as domains and roles. Or what is the same , the script creates a new user.
When testing the Python Script I was logged in as me with manager role so everything worked fine, but if someone with no previous login wants to create a user, he is prompted to provide a login and password.
The problem is that they cannot access the acl_users folder (since they are no users and obviously the have no permissions) . What could I do to make this work?
Thanks a lot in advance for your help,
Belén
This is the Script:
import string from Products.PythonScripts.standard import html_quote request = container.REQUEST RESPONSE = request.RESPONSE
if context.acl_users.getUser(request.form['name']): RESPONSE.redirect('/UserAlreadyExists')
else: context.acl_users.manage_users('Add', context.REQUEST) context.confirmLoginByMail(request.form['name'], request.form ['email']) RESPONSE.redirect('/UserHasBeenAdded')
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
I am implementing a self registering form for new users to gain access to zope. Users should fill in some data and a python Script assigns them a password as well as domains and roles. Or what is the same , the script creates a new user.
When testing the Python Script I was logged in as me with manager role so everything worked fine, but if someone with no previous login wants to create a user, he is prompted to provide a login and password.
The problem is that they cannot access the acl_users folder (since they are no users and obviously the have no permissions) . What could I do to make this work?
Check out Proxy Roles. http://www.zope.org/Members/lvogel/proxy http://www.zope.org/Members/msx/ChangeOwnPassword-mini-howto
belen@netcom.no writes:
.... When testing the Python Script I was logged in as me with manager role so everything worked fine, but if someone with no previous login wants to create a user, he is prompted to provide a login and password. You are looking for "Proxy Roles"...
Dieter
participants (4)
-
belen@netcom.no -
Chris Keyes -
Dieter Maurer -
Steve Drees