Hi Casey and all Zopers, Great ! Now I have some limited security in DocumentLibrary... Documents are not protected! It seems that we need a check that will control if the user has access to any of the topics that document has, or maybe a more restricted option : that the user has access to all of the topics that document has. What I like the most in DocumentLibrary is the file name attached at the end of the file object. That makes the life alot easier in the M$ world. I have tried the CMF but got tried of Open/save dialogs ( and sometimes twice! probably an IE bug) Secondly to post a document to CMF you have to go three pages. I can understand the first one ( that can be a dropdown box with the type info ("File", "Folder" etc) ) but I see no reason to have one page for metadata and one for the file upload. Is there a reason that I miss for that complication? Sedat Yilmazer -----Original Message----- From: cduncan@kaivo.com [mailto:cduncan@kaivo.com] Sent: Monday, July 02, 2001 5:40 PM To: Sedat Yilmazer Subject: Re: [Zope] Topic Security in DocumentLibrary Sedat Yilmazer wrote:

Hi Zopers

I am working on a M$ Office Client for DocumentLibrary project. It seems to be no topics security buit in! ( I mean restrict access to some topics based on user role) If I try to restrict access to a topic ( disable 'access conetent information' on the security tab of the topic) then the user is banned fron the system totally ( system ties to access the restricted topic and fails, It comes back with auth. prompt. As the user do not have access to that topic system returns with noaccess error screen)

Is there a way to restrict acces to some topics in DocumentLibrary? If not I think I will drop the project untill the topic/Document security is somehow provided

Sedat Yilmazer

I haven't really addressed this, but I think it would be easy to fix by making two changes to the DTML code. I will include these changes in the next release, but here they are: In the document_browse and the index_chooser methods change the line: <dtml-in expr="objectValues('Topic Index')"> to read: <dtml-in expr="objectValues('Topic Index')" skip_unauthorized> That should help. Let me know if you still run into any problems. -- | Casey Duncan | Kaivo, Inc. | cduncan@kaivo.com `------------------>