[Zope-CMF] odd problem with user management

Tres Seaver tseaver@palladion.com
Mon, 30 Jul 2001 22:43:48 -0400 

Jon Franz wrote:


> I'm using the CMF for my *gasp* corporate intranet, and due to
> some policies in place, employees cannot create thier own users.

>  Instead, HR creates the users and defines all of thier properties.

> The employees can modify only one property - the about_me property;

> meanwhile all others should be editable by CMF managers only.


To accomplish this, you might remove the 'Set own properties'
permission from the 'Member' role;  give a proxy role of 'Manager'
to a Python Script which sets the 'about_me' property.


> I have created the needed forms and they pull the current user

> data, and have created the python code below and placed it inside

> CMFCore/Registration.py (I know, put it in  CMFDefault, but I'm

> prototyping and dont care at this point)


Actually, you don't need (and ordinarily wouldn't) to modify *any*
of the CMF code;  if you can't solve the problem using the stock
configuration hooks (as I suggseted above), then you should create
your own product and derive a new tool from those in the CMF.

> and the  code compiles and runs without raising any errors.

> However, once run, the user's folder disappears from within the

> ZMI and the portal.  
> 
> Any ideas of what I'm doing wrong?
> 
> Heres the code:
> 
>     security.declareProtected(CMFCorePermissions.ManagePortal,
> 'setOthersProperties')
>     def setOthersProperties(self, user=None, properties=None, **kw):
>         '''Allows the authenticated member to set his/her own
> properties.
>         Accepts either keyword arguments or a mapping for the
> "properties"
>         argument.
>         '''
>         if user is None or user=='':
>             raise 'Bad request', 'invalid user'
>             
>         if properties is None:
>             properties = kw
>         membership = getToolByName(self, 'portal_membership')
>         if not membership.isAnonymousUser():
>             member = membership.getMemberById(user)
>             failMessage = self.testPropertiesValidity(properties,
> member)
>             if failMessage is not None:
>                 raise 'Bad Request', failMessage
>             member.setMemberProperties(properties)
>         else:
>             raise 'Bad Request', 'Not logged in.'

I can't see any particular reason why your code here would
cause the symptom you describe.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver@zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com