I've written a DTML Method which builds a user roster and then accesses the portal_membership record for each of these users to output their email address. The method works fine as long as the user is a Portal Manager since the getMemberById method is protected by permission ManagePortal. I have an automated process which every so often will invoke the method (via http request) to retrieve the email addresses of all the portal users. The problem is that the method is not working properly because when the http request is invoked, the request is treat as an anonymous user. What must I do get this to work? I have tried to specify a userid:password on the http request, but Zope is not using this as the userid for the CMF access. Is there a way to specify userid/password in the URL so that I can access the DTML method which as I said can only be invoked by a Portal Manager. I've considered adding a non-Protected method to MembershipTool.py, but I really don't want to be modifying CMF. Any suggestions? Thanks Mark Snellings Stellar Communications, LLC msnellings@stellarcomms.com
So, how about giving it a proxy role of Manager?
From: "Mark Snellings" <msnellings@stellarcomms.com>
I've written a DTML Method which builds a user roster and then accesses the portal_membership record for each of these users to output their email address. The method works fine as long as the user is a Portal Manager since the getMemberById method is protected by permission ManagePortal.
How about for just that DTML method, change the Proxy Roles to manager in the Proxy Tab? Just an idea Cheers Tim ----- Original Message ----- From: Mark Snellings To: zope@zope.org Sent: Thursday, August 02, 2001 1:44 PM Subject: [Zope] Invoking a Protected CMF Method I've written a DTML Method which builds a user roster and then accesses the portal_membership record for each of these users to output their email address. The method works fine as long as the user is a Portal Manager since the getMemberById method is protected by permission ManagePortal. I have an automated process which every so often will invoke the method (via http request) to retrieve the email addresses of all the portal users. The problem is that the method is not working properly because when the http request is invoked, the request is treat as an anonymous user. What must I do get this to work? I have tried to specify a userid:password on the http request, but Zope is not using this as the userid for the CMF access. Is there a way to specify userid/password in the URL so that I can access the DTML method which as I said can only be invoked by a Portal Manager. I've considered adding a non-Protected method to MembershipTool.py, but I really don't want to be modifying CMF. Any suggestions? Thanks Mark Snellings Stellar Communications, LLC msnellings@stellarcomms.com
participants (3)
-
marc lindahl -
Mark Snellings -
Zope