[Zope-CMF] allowedUsersAndRoles

Dan Fairs monster at spiderplant.net
Tue Feb 22 06:00:10 EST 2005


Hi,

I understand CMF uses allowedUsersAndRoles to be able to ensure that only
content that a member is allowed to see displays in searches.

The problem we're having is that local role asssignment near the root of
our content takes ages, as CMF reindexes all the security information.
We're already using QueueCatalog, so I was considering putting
allowedRolesAndUsers in as a deferred index field.

I understand the effect of this would be that items might show
inappropriately on search results for a minute until we process our queue,
but an unauthorised member would be blocked when they clicked on the
content.

Would there be any other effects?

Regards,
Dan



More information about the Zope-CMF mailing list