[Zope-CMF] Permission/ownership problem
Florent Guillaume
fg@nuxeo.com
Sat, 23 Mar 2002 19:45:53 +0000 (UTC)
It may be that you have a local role 'Owner' higher in the object
containment hierarchy, for instance on the objects' folder. As local
roles are always "inherited" by contained objects and (currently)
cannot be blocked, you'd still have a role 'Owner' in the context of
the object.
Florent
Luca Olivetti <luca@wetron.es> wrote:
> Hi,
>
> I have:
>
> - A custom CMF object, say myObject, which 'edit' method is protected by..
> - A custom permission, say myPermission
> - A DCworkflow, which in a transition calls a method that changes ownership (and local
> roles) of the object. The permission 'myPermission' is granted only to the 'Owner' and
> 'Dept Manager'
>
> I created an object, gone through the workflow until the stage that I changed ownership
> of the object.
> When I go see the object as the new user, all is weel, i.e. the new user has the
> permission to edit the object, the correct actions appear in the actions box, etc.
> The problem is that the CMF still thinks I'm the Owner of the object, since I have the
> same actions listed and working.
> If I check the management interface, the object has myPermission assigned to 'Owner' and
> 'Dept Manager', the ownership is of the other user and the only local role is 'Owner'
> for the other user. If I remove myPermission for Owner I cannot see the actions, so I
> think that the CMF still thinks I'm the owner.
>
> I used this to change the permission in myObject:
>
> def assignTo(self, user_id):
> acl_users = self.portal_membership.acl_users
> user = acl_users.getUser(user_id).__of__(acl_users)
> self.changeOwnership(user)
> self.manage_delLocalRoles([ user for user,roles in self.get_local_roles() ])
> self.manage_setLocalRoles(user_id, ['Owner'])
>
>
> Does the CMF look somewhere else (not visible from the management interface) for roles?
--
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 10 http://nuxeo.com mailto:fg@nuxeo.com