It is a little cheap, but this should work: You can exclude the two users (it is 1 report, isn't?) by adding a call to a pythonscript to your report. content of the pythonscript something like this: from AccessControl import getSecurityManager user = getSecurityManager().getUser() if user=="George" or name=="Saddam": target='www.friendsforever.org' RESPONSE.redirect(target) return # i don't know why, but this return seems to be necessary. Hans de Wit Stichting Farmaceutische Kengetallen Postbus 30460 2500 GL DEN HAAG Tel. 070-3737448 Fax 070-3737445 |---------+---------------------------> | | pskipwort@touchc| | | orp.com | | | Sent by: | | | zope-admin@zope.| | | org | | | | | | | | | 28-01-2003 05:36| | | | |---------+--------------------------->

--------------------------------------------------------------------------------------------------------------------------------------------------| | | | To: zope@zope.org | | cc: | | Subject: [Zope] Security question... | --------------------------------------------------------------------------------------------------------------------------------------------------|

I thought this might be in the FAQ, but can't seem to find it in there... I have a particular report which I want "Everyone with Role 'A' to be able to View except for users U1 and U2' I do not want to remove U1 and U2 from Role A globally - is there an easy of of locally removing 'View' permission for 2 specific users, and retain View permissions for other users sharing the role ? Thanks, P PETER SKIPWORTH SYSTEM ADMINISTRATOR TOUCHCORP LTD TELEPHONE 03 9635 2626 www.touchcorp.com _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )