strange behaviour of user.has_permission
Hi there, I have a freshly created plone portal. I added a user "schmid" with no roles at all I added a document "Doc" Then I created a script that tested for all permissions wheter user schmid has it. The following script returned true on every permission. This is very wrong. What is the problem ?? user = context.acl_users.getUserById('schmid') for p in context.possible_permissions(): print " %s, %s" % (,p, user.has_permission(p, context)) return printed mit freundlichen Grüssen Robert Rottermann www.redCOR.ch
I am using Zope 2.61 on Suse 8.2 robert Am Freitag, 2. Mai 2003 22:33 schrieb robert:
Hi there, I have a freshly created plone portal. I added a user "schmid" with no roles at all I added a document "Doc"
Then I created a script that tested for all permissions wheter user schmid has it. The following script returned true on every permission. This is very wrong. What is the problem ??
user = context.acl_users.getUserById('schmid') for p in context.possible_permissions(): print " %s, %s" % (,p, user.has_permission(p, context)) return printed
mit freundlichen Grüssen
Robert Rottermann www.redCOR.ch
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
-- mit freundlichen Grüssen Robert Rottermann www.redCOR.ch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, May 3, 2003, at 06:33 AM, robert wrote:
Hi there, I have a freshly created plone portal. I added a user "schmid" with no roles at all I added a document "Doc"
Then I created a script that tested for all permissions wheter user schmid has it. The following script returned true on every permission. This is very wrong. What is the problem ??
user.has_permission is actually checking if the currently authenticated user (you) has the specified permission - not schmid. There is a Collector issue open about this behaviour (http://collector.zope.org/Zope/514/view), but nobody has gotten around to fixing it yet. Unless you feel like patching lib/python/AccessControl/User.py, you are going to have to find another way to do what you need. - -- Stuart Bishop <zen@shangri-la.dropbear.id.au> http://shangri-la.dropbear.id.au/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (Darwin) iD8DBQE+uIfGh8iUz1x5geARApPIAJ0V139DLRKihF8o7nloVphetr6V/ACglLXJ h1cHF7i6cV2DcjpCrIYfUZc= =uYPc -----END PGP SIGNATURE-----
Stuart Thank you very much for your explanation. Since has_permission does not work I am using now allowed which seems to do the trick Robert Am Mittwoch, 7. Mai 2003 06:12 schrieb Stuart Bishop:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Saturday, May 3, 2003, at 06:33 AM, robert wrote:
Hi there, I have a freshly created plone portal. I added a user "schmid" with no roles at all I added a document "Doc"
Then I created a script that tested for all permissions wheter user schmid has it. The following script returned true on every permission. This is very wrong. What is the problem ??
user.has_permission is actually checking if the currently authenticated user (you) has the specified permission - not schmid.
There is a Collector issue open about this behaviour (http://collector.zope.org/Zope/514/view), but nobody has gotten around to fixing it yet. Unless you feel like patching lib/python/AccessControl/User.py, you are going to have to find another way to do what you need.
- -- Stuart Bishop <zen@shangri-la.dropbear.id.au> http://shangri-la.dropbear.id.au/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+uIfGh8iUz1x5geARApPIAJ0V139DLRKihF8o7nloVphetr6V/ACglLXJ h1cHF7i6cV2DcjpCrIYfUZc= =uYPc -----END PGP SIGNATURE-----
-- mit freundlichen Grüssen Robert Rottermann www.redCOR.ch
participants (2)
-
robert -
Stuart Bishop