Hi All, Is it possible to set proxy roles on methods located in Zope Products. I need to turn the View permission off on some folders so certain users can't see them in a sitemap (uses dtml-tree). However, I've got an edit_html method located in a Zope product that then needs to use stuff in one of the folders that has "View" set to off for that user (who's running edit_html). Thanks, Tom
Palermo, Tom wrote at 2006-2-8 09:59 -0500:
Is it possible to set proxy roles on methods located in Zope Products.
No, but I posted some time ago (to "zope-cmf" or "plone-users") code that allows you to set proxy roles on a region in trusted code. Search for "ProxyContext". -- Dieter
Palermo, Tom wrote:
Is it possible to set proxy roles on methods located in Zope Products.
Not really, why do you think you need to?
see them in a sitemap (uses dtml-tree). However, I've got an edit_html method located in a Zope product that then needs to use stuff in one of the folders that has "View" set to off for that user (who's running edit_html).
If the code is in a disk-based class method, security won't be coming into play. What errors are you seeing? (if you get an auth box, consider hitting cancel or enabling verbose security in zope.conf, restarting and trying again) cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
Chris Withers wrote at 2006-2-8 23:04 +0000:
... If the code is in a disk-based class method, security won't be coming into play.
Unless you call something with internal security checks (such as e.g. "_verifyObjectPaste" during "manage_paste"). -- Dieter
participants (3)
-
Chris Withers -
Dieter Maurer -
Palermo, Tom