(This was my reply. I forgot to add zope@zope.org to cc, so I'm now forwarding it. Sorry for the confusion... I'm new to the list.) Le Mercredi 21 Février 2001 18:58, vous avez écrit :
On Thursday 22 February 2001 07:44, Jérôme Loisel wrote:
I am somewhat unable to check whether or not the user has manager access to some object object. The following does not work as expected:
<dtml-if "AUTHENTICATED_USER.has_role('Manager', _.getitem('.news'))"> <P>Blah.</P> </dtml-if>
Instead of getting a true result if the user has manager acces to the .news item (a folder), I get a true result if the user has manager access to his context.
Have you checked what parameters AUTHENTICATED_USER.has_role() accepts? (try looking in the ZQR). AFAIK, it only accepts a list of role names, no objects, and can only tell you if the user has that role, as specified in the acl_users folder.
After more digging around, I finally found it. Read on if interested. (Or skip to the next section, I had another question.) My problem was this: I have a .news folder. I selectively grant manager access to that folder for some users. When such a user browses the site, any part of the site, he should see an "Add a news item" button appear. So I needed to check whether or not the user has manager acces _to the .news folder_. <quote src="zqr"> has_role(roles, [object]) Check to see if a has a given role or roles. </quote> I can see that calling has_role(roles) works as expected. Sadly, calling has_role(roles, object) does not seem to yield a different behavior. And that behavior is what I was looking for. However... <quote src="zope_help_system"> hasRole(object, roles): Return a value that is true if the user has the given roles on the given object and return false otherwise. Permission - Always available </quote> At first I did not even notice that this is a different function altogether. Silly me. Calling the following works. <dtml-with .news> <dtml-if "AUTHENTICATED_USER.hasRole('Manager')"> Blah. </dtml-if> </dtml-with So you did in fact point me in the right direction... You told me to go re-read the docs. :-)
[...]
Related question: How do I access AUTHENTICATED_USER from Python?
self.AUTHENTICATED_USER works for me.
Hmmm. I was not clear enough. I meant from PythonScript objects. context.AUTHENTICATED_USER does not work for me. I get no better results with container (obviously) or namespace (bound properly, of course). Thank you very much for your help. Cheers, Jérôme Loisel -- Jérôme Loisel Lévinux: GNU/Linux dans les communautés à Lévis ------------------------------------------------------- -- Jérôme Loisel Lévinux: GNU/Linux dans les communautés à Lévis
On Friday 23 February 2001 05:06, Jérôme Loisel wrote:
(This was my reply. I forgot to add zope@zope.org to cc, so I'm now forwarding it. Sorry for the confusion... I'm new to the list.)
Yeh... I used to keep making that mistake. (o8
My problem was this: I have a .news folder. I selectively grant manager access to that folder for some users. When such a user browses the site, any part of the site, he should see an "Add a news item" button appear. So I needed to check whether or not the user has manager acces _to the .news folder_.
Well, unless you're playing around with multiple acl_users object, this wouldn't make a difference. A user will have a role from the acl_users object down.
<quote src="zqr"> has_role(roles, [object]) Check to see if a has a given role or roles. </quote>
I can see that calling has_role(roles) works as expected. Sadly, calling has_role(roles, object) does not seem to yield a different behavior. And that behavior is what I was looking for. However...
Interesting... I might have a dig through the Zope sources and see what this is all about... Maybe you've just found a mistake in the ZQR.
<quote src="zope_help_system"> hasRole(object, roles): Return a value that is true if the user has the given roles on the given object and return false otherwise.
Permission - Always available </quote>
At first I did not even notice that this is a different function altogether. Silly me. Calling the following works.
Looks great. I didn't know about this one, tbh.
<dtml-with .news> <dtml-if "AUTHENTICATED_USER.hasRole('Manager')"> Blah. </dtml-if> </dtml-with
So you did in fact point me in the right direction... You told me to go re-read the docs. :-)
Hey,.... always glad to be of assistance. (o8 I find the ZQR is almost always my first call when I can't find the method I want.
[...]
Related question: How do I access AUTHENTICATED_USER from Python?
self.AUTHENTICATED_USER works for me.
Hmmm. I was not clear enough. I meant from PythonScript objects. context.AUTHENTICATED_USER does not work for me. I get no better results with container (obviously) or namespace (bound properly, of course).
Well, I would have thought this would work in Python Scripts (I use it in Python Methods)... However, IIRC AUTHENTICATED_USER actually lives inside the REQUEST object... try there, perhaps?
Thank you very much for your help.
Cheers,
Jérôme Loisel
Always glad to help. Have a better one, Curtis Maloney.
participants (2)
-
Curtis Maloney -
Jérôme Loisel