[Zope-CMF] N-Dimensional security again (Hi Shane :-)

Chris Withers chrisw@nipltd.com
Sun, 8 Jul 2001 21:10:19 +0100


> AFAIK, you're right.  In Portal.py, you can find where all the Types
> are added as products in a single batch (hence the way they all come
> up in the products list as a single Product, CMFDefault Content).
>
> >From CMFDefault.__init__.py:
>
>     utils.ContentInit( 'CMFDefault Content'
>                      , content_types=contentClasses
>                      , permission=ADD_CONTENT_PERMISSION
>                      , extra_constructors=contentConstructors
>                      , fti=CMFDefault.factory_type_information
>                      ).initialize( context )

Waaagh! :-S Now, what you could do as a workaround for the moment is change
that method to the actual call to initializeClass (name?) is done with:

 permission = 'Add %s' % contentClass.meta_type

> Which is pretty darn messy, but it gets the job done...

Indeed, either way, you end up with one hell of a bloated security tab if
you get lots of content types.

Now, from what I know so far, the DCWorkflow tool solves the N-dimensional
security problem once an object has been created, however, it doesn't solve
the problem that you need one permission per content type if you want fine
grained control over the ability to add content.

So, Shane, you solved the last problem with a truly amazing tool, could it
be extended to solve this bit of the problem too?

here's hoping...

Chris