Hi, I've created a method whose View permission is not allowed to Anonymous users but allowed to the "Member" role. I want to put a link to this method at the bottom of each page, say in standard_html_footer, but only if the user is allowed to view it. I've done the following in standard_html_footer: <dtml-if "AUTHENTICATED_USER.has_permission('View', mymethod)"> ... Some tests and text ... <A HREF="<dtml-var URL>/mymethod">Members only</A> ... Some tests and text ... </dtml-if> but if I access the pages as an anonymous user then I've got an Unauthorized exception instead of not having the "Members only" link. What do I have done wrong ? Thanks in advance. Jerome Alet
--On Thursday, April 19, 2001 23:01:42 +0200 Jerome Alet <alet@unice.fr> wrote:
<dtml-if "AUTHENTICATED_USER.has_permission('View', mymethod)"> ... Some tests and text ... <A HREF="<dtml-var URL>/mymethod">Members only</A> ... Some tests and text ... </dtml-if>
but if I access the pages as an anonymous user then I've got an Unauthorized exception instead of not having the "Members only" link.
What do I have done wrong ?
you don't want to evaluate truth: you want to see if there's an exception. I think you want: <dtml-try "AUTHENTICATED_USER.has_permission('View', mymethod)"> <A HREF="<dtml-var URL>/mymethod">Members only</A> <dtml-except> You are Anonymoose! </dtml-try> Hope that helps, -- -mindlace- zopatista community liason
Hi, On Thu, 19 Apr 2001, ethan mindlace fremen wrote:
--On Thursday, April 19, 2001 23:01:42 +0200 Jerome Alet <alet@unice.fr> wrote:
<dtml-if "AUTHENTICATED_USER.has_permission('View', mymethod)"> Some tests and text <A HREF="<dtml-var URL>/mymethod">Members only</A> Some tests and text </dtml-if>
but if I access the pages as an anonymous user then I've got an Unauthorized exception instead of not having the "Members only" link.
you don't want to evaluate truth: you want to see if there's an exception. <dtml-try "AUTHENTICATED_USER.has_permission('View', mymethod)"> <A HREF="<dtml-var URL>/mymethod">Members only</A> <dtml-except> You are Anonymoose! </dtml-try>
Doesn't work, but it's better: the link appears even if the user is anonymous, but if he clicks on the link then the authentication dialog box opens. What I want is for the link to not appear at all, if possible. the permissions on "my_method" are normal, except View which is only allowed to roles Manager and Member, and not acquired. Zope version is 2.3.1b2 bye, Jerome Alet
--On Friday, April 20, 2001 10:19:26 +0200 Jerome Alet <alet@unice.fr> wrote:
On Thu, 19 Apr 2001, ethan mindlace fremen wrote:
you don't want to evaluate truth: you want to see if there's an exception.
I think I was wrong.
the permissions on "my_method" are normal, except View which is only allowed to roles Manager and Member, and not acquired.
I implemented it like this: method you want to show is test, method that shows the link is canIsee, python script that tests is called showme. showme: if context.REQUEST.AUTHENTICATED_USER.has_permission('View','test'): return '<a href="test">test</a>' else: return '' canIsee: <dtml-var showme> test: this just has the permissions set as you said. That should do it! -- ethan mindlace fremen zopatista community liason
participants (2)
-
ethan mindlace fremen -
Jerome Alet