Hi all, Having been put off Zope by the uglyness of DTML before, I am begining to get to grips with zope once again, and have played around with ZTP et al and it looks great. We have one problem. We have an existing system, where each of our customers (companys) gets a new subfolder of our site: e.g http://url:8080/customers/companyA http://url:8080/customers/companyB each company may have different users with various levels of access... once again zope caters for this. However, say i want each company to call a method : getFinancialRecords(company, username) Prefrably this is an instance method of a class stored on the harddrive, but the main prerequist is that it is in ONE place. I have also experimented with Product and got a couple working, and so understand i could use a product and include it in companyA's folder and companyB's folder, but this would be cumbersome if we have 2000+ company's for example. Plus whenever we make a change to the product we need to update each product somehow. So I am thinking, is it possible to include my Product 'X' (that has the getFinancialRecords method) in the "customers" folder and still preservce security and access levels? Is there a better way that can i allow different levels of access to getFinancialRecords for different users of company 'A' for example? any help would be very much appricated, been scratching my head for ages on this one. Matt
on or about, Thursday, January 02, 2003, we have reason to believe that Matthew Russell wrote something along the lines of :
We have an existing system, where each of our customers (companys) gets a new subfolder of our site: e.g http://url:8080/customers/companyA ... However, say i want each company to call a method : getFinancialRecords(company, username) So I am thinking, is it possible to include my Product 'X' (that has the getFinancialRecords method) in the "customers" folder and still preservce security and access levels? ... Is there a better way that can i allow different levels of access to getFinancialRecords for different users of company 'A' for example?
if you start out with just an External Method , you could get a lot done with little work. external methods get passed 'self' by magic, so you could call it like this : <p tal:content="here/getFinancialRecords" /> in your pagetemplate. your external method could look something like this.. def getFinancialRecords(self): from AccessControl import getSecurityManager sec_mgr = getSecurityManager() if sec_mgr.checkPermission('View management screens', self): # the current user has permissions to view management screens on # the current object, thus he should get the fincancial data company = self.company # assumes company to ba a property of each company's folder Whatever code fetches the actual data return data else: return "You do not have permissions to see financial data for this company" :) -- Geir Bækholt geir@funcom.com Tools/HCI-developer Tools/Billing - Product Operations Funcom Oslo
participants (2)
-
Geir B�kholt -
Matthew Russell