RE: [Zope] RE: What method do I use to check access?
-----Original Message----- From: Jay, Dylan [mailto:djay@lucent.com] Sent: Wednesday, May 12, 1999 11:28 PM To: 'Martijn Pieters'; 'Jason Spisak'; zope@zope.org Subject: RE: [Zope] RE: What method do I use to check access?
-----Original Message----- From: Martijn Pieters [mailto:mj@antraciet.nl] Sent: Tuesday, May 11, 1999 10:23 PM To: Jay, Dylan; 'Jason Spisak'; zope@zope.org Subject: Re: [Zope] RE: What method do I use to check access?
At 01:28 11/05/99 , Jay, Dylan wrote:
Jay,
Try <!--#if "AUTHENTICATED_USER.has_role('foo')"-->. There was an excellent posting in the archives about all the possibilities with the user object. Also read the files in the AccessControl folder inside Zope/lib/python.
the has_role method I already use and is not convienient as it means I have to hard code the roles. I've looked in AccessControl and only come across def allowed(self,parent,roles=None): but was unsuccessful in getting it to do what I want.
I will look for that email in the archives.
AUTHENTICATED_USER.allowed won't do what you want, I think. A now deprecated method that is now replaced by has_role was nothing more than an alias to the allowed() method, so you cannot get any (or much) more information from allowed() than you can get from has_role().
Explain to us what you want to do.
I want a method such that <!--#if "AUTHENTICATED_USER.hasPermission('View',myDoc)"--> or something similar.
I've never seen or used anything like this, so perhaps you may want to try to refactor your problem, otherwise: Users don't have permissions, Users have roles. Using the security screen in the managment interface, you map which roles have which permissions, and when you create Users, you give them roles. If your user is in a Role which has the 'View' permission associated with it, then you don't need to do the #if check. I think maybe what your looking for is "Do any of my User's *Roles* map to the permission x?". (Not using 'View' as an example because anonymous maps to 'View' by default) This would require a bit of tinkering, but it could be done with AUTHENTICATED_USER.getRoles() and rolesOfPermission(x). You may also want to talk a look at AccessControl/Roles.py, there are several methods defined in there to exampine roles and permissions, like permissionsOfRole (the inverse of rolesOfPermision) and acquiredRolesAreUsedBy. -Michel
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(For developer-specific issues, use the companion list, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
participants (1)
-
Michel Pelletier