Im trying to check that a user has permission to do something: user = self.REQUEST['AUTHENTICATED_USER'] for p in ['Foo',]: print user.has_permission(p, parent) I get 1 for everything. Is has_permission the correct call? Cheers. -- Andy McKay.
user = self.REQUEST['AUTHENTICATED_USER'] for p in ['Foo',]: print user.has_permission(p, parent)
SecurityGetUser is the blessed way to get a user object.
I get 1 for everything. Is has_permission the correct call?
That I'm not sure of.
SecurityGetUser is the blessed way to get a user object.
I thought that was just for DTML? Thats inside /AccessControl/DTML.py... This is a Zope product. Hmm I tried s = getSecurityManager() for p in ['Foo',]: print s.checkPermission(p, parent) and still get 1 for everyting. I would have thought as a default I would get 0 at the least. Oh this is weird. Cheers. -- Andy McKay. ----- Original Message ----- From: "Steve Drees" <drees@the-bridge.net> To: "Andy McKay" <andym@activestate.com>; <zope@zope.org> Sent: Wednesday, May 16, 2001 11:06 AM Subject: RE: [Zope] Getting user permissions
user = self.REQUEST['AUTHENTICATED_USER'] for p in ['Foo',]: print user.has_permission(p, parent)
SecurityGetUser is the blessed way to get a user object.
I get 1 for everything. Is has_permission the correct call?
That I'm not sure of.
user = self.REQUEST['AUTHENTICATED_USER'] for p in ['Foo',]: print user.has_permission(p, parent)
http://www.zope.org//Members/ksmith99/MailDigestWiki/PermissionChecking says: user.has_permission(permission_name, object)
I get 1 for everything. Is has_permission the correct call?
Cheers. -- Andy McKay.
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
Andy McKay -
Steve Drees