Give ownerschip instead of take ownership?
Hi, I've set up an intranet site. Several people get editing rights through a webinterface I created. One of the things they can do, is add a page in the right format with a special webform. The pages they add are owned by them, and I use "ownership" to place a "mail the editor button" on every page. So far, so good... But as webadmin I layed out the basic structure, and sometimes I help people set up their part of the side when they don't have the time to do it. And these pages are owned by me, not by the people that are going to edit the contents of the page. And I don't want people to contact me when they have remarks/questions about the contents of the page. These editors don't have manager rights in zope, and don't use the managementinterface of zope, so I can't have them "take ownership" of these pages, and I don't know their passwords, so I can't take their identity (don't want to do that either). Instead I would like to "give ownership" to them. Only the webadmin, with manager rights in the zope interface has to be able to do this. And it doesn't have to be permanent; if it's a security risk I can change things back to normal after I make the necessary adjustments. Does anyone has an idea whether it is possible to do this (and how - in what direction should I search)? (I'm using zope 2.5.1 with python 2.1.3 on solaris) Thanks
On Wednesday 12 May 2004 01:37 am, Marinussen, M.J. (Ria) wrote:
Hi,
I've set up an intranet site. Several people get editing rights through a webinterface I created. One of the things they can do, is add a page in the right format with a special webform. The pages they add are owned by them, and I use "ownership" to place a "mail the editor button" on every page. So far, so good...
But as webadmin I layed out the basic structure, and sometimes I help people set up their part of the side when they don't have the time to do it. And these pages are owned by me, not by the people that are going to edit the contents of the page. And I don't want people to contact me when they have remarks/questions about the contents of the page. These editors don't have manager rights in zope, and don't use the managementinterface of zope, so I can't have them "take ownership" of these pages, and I don't know their passwords, so I can't take their identity (don't want to do that either). Instead I would like to "give ownership" to them. Only the webadmin, with manager rights in the zope interface has to be able to do this. And it doesn't have to be permanent; if it's a security risk I can change things back to normal after I make the necessary adjustments.
Does anyone has an idea whether it is possible to do this (and how - in what direction should I search)? (I'm using zope 2.5.1 with python 2.1.3 on solaris)
Assigning them the 'local role' of owner in the seurity tab for the item should do what you want. Good luck. Alec Mitchell
Marinussen, M.J. (Ria) wrote at 2004-5-12 10:37 +0200:
... Instead I would like to "give ownership" to them. Only the webadmin, with manager rights in the zope interface has to be able to do this. And it doesn't have to be permanent; if it's a security risk I can change things back to normal after I make the necessary adjustments.
Zope knows about two separate notions of "ownership": * executable ownership which is abused by CMF for "Creator" * the local role "Owner" Executable ownership would only play a role for executable objects but not content objects (such objects are in your Plone site) were it not abuse for "Creator". The local role controls the permissions on the object. In your special case, you probably want to change both the executable owner (to get "Creator" right) and reassign the local role. Someone else already told you how to reassign the local role. To change executable ownership, "AccessControl.Owned.Owned" contains the private method "changeOwnership". As it is private, it cannot be used in TTW code. You must use an External Method. -- Dieter
participants (3)
-
Alec Mitchell -
Dieter Maurer -
Marinussen, M.J. (Ria)