[Zope-dev] Objects, Roles and Permissions
Danny William Adair
Danny@Adair.net
Tue, 10 Apr 2001 14:48:39 +1200
Thank you very much, Richard! Cool!
Still...
>>> ...
>>> Feel free to expand the method to other roles
>>> and the full suite of permissions.
>>> ...
Other *roles*? Roles are what's coming back, isn't it?
>>> def viewPermissions(self, acquired=0):
>>> ''' walk up the acquisition path to find a _View_Permission
>>> attribute... possibly _only_ the acquired permissions.
>>> '''
>>> chain = self.aq_chain
>>> if acquired:
>>> chain = chain[1:]
>>> for self in chain:
>>> if hasattr(self.aq_base, '_View_Permission'):
>>> return self._View_Permission
>>> return ['Manager']
"possibly _only_ the acquired permissions" - oops! Your snippet worked fine
_if_ the view permission was acquired by that object. As soon as I turned
off acquisition for the view permission of the object, it would still give
me the acquired roles (that in fact were'nt acquired). What does the "if"
statement look like that would return the object's own roles for the View
Permission if acquisition was turned off? Naive Danny who doesn't know s...
tried to put
if hasattr(self.aq_base, '_View_Permission'):
return self._View_Permission
at the beginning of your code, but no effect. :-(
But now I see how to access specific permissions and read their content (do
I? I'll experiment with it), thank you very much! I will put a
string.replace on top and pass the Permission to examine by string
parameter, and call that whole stuff "getAllowedRoles".
A "getGrantedPermissions" for examining a role should work similarly, right?
def ac_inherited_permissions(self, all=0):
set all to 1 and then... iterate through the list (tuple or list? list of
tuples?) and check every "_current_Permission" if it contains the role?
Thx once again,
Danny
btw: Isn't return['Manager'] at the end of your code obsolete (but safe)? Or
is there anything special going on at the root level
(isTopLevelPrincipiaApplicationObject)?