[Zope-CMF] CMF security policy
Dieter Maurer
dieter@handshake.de
Fri, 25 Jul 2003 01:57:29 +0200
David Hart wrote at 2003-7-24 14:32 +1000:
> ...
> I have a CMF site where a particular entire folder and all its contents
> should be accessible only to a certain role (just 'Authenticated' in the
> simple case). I would like all contained objects to inherit their
> permission from the parent folder.
>
> When new CMF content is added, the Anonymous role is specifically set on
> the Access contents information and View permissions. I'm looking in the
> source, but can't yet track it down. Is this happening in the factories?
> Is there a way I can change is default behaviour?
This is done by the workflow.
A CMF workflow can change the permission to role mapping
based on workflow state.
I assume, you are using DCWorkflow.
In this case, look at the "Permissions" tab of the workflow
definition and its various states.
Dieter