tony, there is no API to modify a user object after creation because assembling a user from several data sources like you're doing wasn't anticipated. one way out would be to subclass from UserDB and add a method to do both role lookups at once, then you would replace all those calls that look up roles with a call to your custom method. if you have several sites that assemble the roles differently you would only have to replace the custom role lookup method and provide the necessary infrastructure for it (SQL, db connections and such). jens On Tuesday, July 17, 2001, at 05:21 , Tony McDonald wrote:

Hi all, I'm authenticating against a database using UserDB and getting the roles 'Staff' and 'Student'. They can only have the one role from this database.

I need to then *add* to these roles by looking up in another database (I can't easily edit the first database).

For example, User = 'tone', authentication with first database gives the role 'Staff'. Then I look up in another database and find that 'tone', using the system 'eGuides' has the additional roles 'Admin' and 'Reviewer' (no, we're not using CMF - unfortunately :(

How can I do this multiple lookup to end up with user 'tone' having the roles 'Staff, Admin, Reviewer'?

There doesn't seem to be anything remotely like 'addRole' in the API or the AccessControl directory.

Am I using the wrong system for my authentication perhaps?

Any hints would be greatly appreciated.

Cheers, Tone. -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )

tony.mcdonald> I need to then *add* to these roles by looking up in another database (I tony.mcdonald> can't easily edit the first database). LoginManager can do this. It's alluded to in the documentation, but there's no description of exactly *how*. Jim Rowan DCSI jmr@computing.com

Tone, Is there any reason you can't use local roles? It seems to me this would cover you quite nicely. Just an idea. Phil ----- Original Message ----- From: "Tony McDonald" <tony.mcdonald@ncl.ac.uk> To: "Zope" <zope@zope.org> Sent: Tuesday, July 17, 2001 10:21 AM Subject: [Zope] Can I *add* to the roles a user has?

Hi all, I'm authenticating against a database using UserDB and getting the roles 'Staff' and 'Student'. They can only have the one role from this database.

I need to then *add* to these roles by looking up in another database (I can't easily edit the first database).

For example, User = 'tone', authentication with first database gives the role 'Staff'. Then I look up in another database and find that 'tone', using the system 'eGuides' has the additional roles 'Admin' and 'Reviewer' (no, we're not using CMF - unfortunately :(

How can I do this multiple lookup to end up with user 'tone' having the roles 'Staff, Admin, Reviewer'?

There doesn't seem to be anything remotely like 'addRole' in the API or the AccessControl directory.

Am I using the wrong system for my authentication perhaps?

Any hints would be greatly appreciated.

Cheers, Tone. -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope

_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )