"Brad Clements" <bkc@murkworks.com> wrote:

I need to "hand generate" a navigation bar, showing only those subobjects to which the current user is authorized to view.

It seems as if I'd get an AttributeError when trying to access items that I can't access, but with LoginManager it pops up a login box.. Which I don't want.

My design is to have each "folder" have its own "DrawNavBar" DTML- Method, whose job it is to generate it's own html.. If that folder has sub- folders, than that folder's DrawNavBar should call it's sub-folders DrawNavBar functions.

To avoid a recursive loop resolving DrawNavBar, I use aq_explicit, like this:

<dtml-try> <dtml-var "_.getattr(PARENTS[-1].Z.Admin.aq_explicit,'ShowNavBar')(_.None,_)"> <dtml-except AttributeError> </dtml-try>

The problem with this is that I get a login prompt from LoginManager if I'm anonymous..

I suppose I could use something like dtml-in to only show those objects to which I'm authorized, but I don't want to enumerate the contents of the folder, since I know exactly what I'm looking for.

If you know the list of objects you are looking for, then you can still use '<dtml-in myList skip-unauthorized>' to get the effect you want.

So.. given an explcit path, how can I find out if the current user can 'access' that path item, such as a DTML-method?

I'm not asking Zope to confirm that the object exists if I don't have access to it.. just say "no such object" or "here's the object" and not use acquisition to find it up the path.

Ideas?

I'm not sure if this fits the bill:: <dtml-let sm="getSecurityManager()"> <dtml-if expr="sm.checkPermission( 'View', myMethod )"> .... </dtml-if> .... </dtml-let> Tres. -- =============================================================== Tres Seaver tseaver@digicool.com Digital Creations "Zope Dealers" http://www.zope.org