-----Original Message----- From: Martijn Pieters [mailto:mj@antraciet.nl] Sent: Tuesday, May 11, 1999 10:23 PM To: Jay, Dylan; 'Jason Spisak'; zope@zope.org Subject: Re: [Zope] RE: What method do I use to check access?

At 01:28 11/05/99 , Jay, Dylan wrote:

...

...

Jay,

Try <!--#if "AUTHENTICATED_USER.has_role('foo')"-->. There was an excellent posting in the archives about all the possibilities with the user object. Also read the files in the AccessControl folder inside Zope/lib/python.

the has_role method I already use and is not convienient as it means I have to hard code the roles. I've looked in AccessControl and only come across def allowed(self,parent,roles=None): but was unsuccessful in getting it to do what I want.

I will look for that email in the archives.

AUTHENTICATED_USER.allowed won't do what you want, I think. A now deprecated method that is now replaced by has_role was nothing more than an alias to the allowed() method, so you cannot get any (or much) more information from allowed() than you can get from has_role().

Explain to us what you want to do.

I want a method such that <!--#if "AUTHENTICATED_USER.hasPermission('View',myDoc)"--> or something similar.