Permissions and Instances of ZClasses
I'm trying to build a product through the ZMI (like the example in The Zope Book), I have some DTML methods in a ZClass were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product. When I view the instance of the DTML, it doesn't see the permission. I'm able to at least see the 'View' permission... When I look around in the Permissions and Define Permissions of the various objects (both the ZClass, and the DTML methods), I don't see my permission in the lists, except for under 'Class Permissions' in the Permissions tab for the ZClass (were I have highlighted it, which I assume is correct?) The call to SecurityCheckPermission() looks like this... <dtml-if expr="_.SecurityCheckPermission('Manage Diary',this())"> I'm thinking maybe I'm calling SecurityCheckPermission in the wrong context? Making a product certainly can be confusing at times. :) Thanks! -- David Case Dav3xor@gmail.com www.builddiary.net
Dave Case wrote:
I'm trying to build a product through the ZMI (like the example in The Zope Book),
For the love of god, please don't ;-)
I have some DTML methods
waaghhh...
in a ZClass
ow, ow, stop hurting me...
were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product.
Why?
The call to SecurityCheckPermission() looks like this...
<dtml-if expr="_.SecurityCheckPermission('Manage Diary',this())">
*schniff*
I'm thinking maybe I'm calling SecurityCheckPermission in the wrong context? Making a product certainly can be confusing at times. :)
Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
On 10/27/05, Chris Withers <chris@simplistix.co.uk> wrote:
Dave Case wrote:
I'm trying to build a product through the ZMI (like the example in The Zope Book),
For the love of god, please don't ;-)
Look, I know what I'm doing is not cool, but since cool has no documentation, I'm doing what I can.
I have some DTML methods
waaghhh...
Ditto
in a ZClass
ow, ow, stop hurting me...
Aha, so I've awakened the local Troll, my apologies to the rest of the list for setting him off.
were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product.
Why?
Because there are links to management interfaces I don't want an unauthenticated user to see.
The call to SecurityCheckPermission() looks like this...
<dtml-if expr="_.SecurityCheckPermission('Manage Diary',this())">
*schniff*
Granted this is a standard cookbook call to SecurityCheckPermission, but I thought maybe I was calling it wrong from within the product, so I thought I would ask.
Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner...
It was the first thing I tried; but since (once again) I couldn't find much documentation I tried something else (the example in the Zope book...). -- David Case Dav3xor@gmail.com www.builddiary.net
Dave Case wrote:
Aha, so I've awakened the local Troll, my apologies to the rest of the list for setting him off.
Not exactly, just tired of people pulling the trigger 'cos they find a gun pointed at their foot. (Oh, and then complaining that their foot is a bleeding mess ;-)
Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner...
It was the first thing I tried; but since (once again) I couldn't find much documentation I tried something else (the example in the Zope book...).
Go back to this, explain what problems you had and I'll try and help... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
Dave Case wrote at 2005-10-26 15:32 -0700:
I'm trying to build a product through the ZMI (like the example in The Zope Book), I have some DTML methods in a ZClass were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product.
What does that mean? Do you see the corresponding "Permission" object in your product?
... When I look around in the Permissions and Define Permissions of the various objects (both the ZClass, and the DTML methods), I don't see my permission in the lists, except for under 'Class Permissions' in the Permissions tab for the ZClass (were I have highlighted it, which I assume is correct?)
The call to SecurityCheckPermission() looks like this...
<dtml-if expr="_.SecurityCheckPermission('Manage Diary',this())">
Do you get any errors (full error information is always vital when you report problems; in case of "Error"s, this includes at least "Error type", "Error value" and the traceback!). But, I suppose that you misunderstand how permissions work (in general and with ZClasses in particular). "SecurityCheckPermission(P,o)" will only return true when the current user has permission "P" on object "o". The "user -> role" and "role -> permission" mapping determine this fact. Thus, unless you adapted a "role -> permission" mapping, only the Zope "Manager" will have this permission (by default). A ZClass combines some objects whose methods are protected by specific permissions. You may want to change these permissions for your ZClass components. Therefore, you can define permissions ("Define permissions" tab) available for this purpose. Then, in your specific object, you can use the "Permission mapping" tab to map the objects permissions to some of your own. -- Dieter
participants (3)
-
Chris Withers -
Dave Case -
Dieter Maurer