[Zope-dev] Trying to set roles/permissions programmatically - Now I have a headache!
Danny William Adair
Danny@Adair.net
Sat, 28 Apr 2001 15:22:37 +1200
Hello Dieter!
As you can see in my email (after the first paragraph), I did look through
management interface and AccessControl/*.py
Before writing to the list and annoying others with my little problems, I
1. try it myself (for a short time)
2.
- search the mailing list archives
- search all available docs: Guides, ZB, HowTos, ZQR
- saerch zope.org (wikis)
- try to see if there is a similar situation already solved (management
interface, other products)
3.
- try on my own again (found something useful), this time longer than on 1.
And I have read "chapter3" :-)
Unfortunately, setting permissions programmatically has never been a hot
topic for Zopistas (too easy to talk about?).
What I was looking for was a way to "get a hold" of some sort of Permission
object instance. After strolling the sources, I finally found out what this
is (apparently) all about, and that I was looking for the wrong thing.
("permissionEdit.dtml" -> Role.py's "manage_changePermission" ->
Permission.py's "Permission.__init__")
----------------------------------------------------------
Here's the result, works alright for me:
(Hey nuno! Hth, you asked for something like this on the list a month ago)
----------------------------------------------------------
def setRolesForPermission(ob, permission, roles, acquire):
for p in ob.ac_inherited_permissions(1): # A
name, value = p[:2]n
if name==permission:
p=Permission(name,value,ob) # B
if acquire: roles=list(roles)
else: roles=tuple(roles)
p.setRoles(roles)
return
raise 'Invalid Permission', ("The permission <em>%s</em> is invalid." %
permission)
----------------------------------------------------------
(ok, assigning a "value" (maybe lots of times) where it's only needed in one
case is inefficent)
A and B were the hints I missed when I wrote the last mail.
So you really *do* run through all the permissions, get their names and
check against your string parameter until you match. (Is this a must?) Then
you *instantiate* a Permission. (see
"Permission.__init__(self,name,data,obj,default=None)") Yes, and setRoles
(and acquisition setting) works like I expected, phew.
Thanks anyway,
Danny
>>> -----Ursprungliche Nachricht-----
>>> Von: Dieter Maurer [mailto:dieter@handshake.de]
>>> Gesendet: Samstag, 28. April 2001 06.26
>>> An: Danny William Adair
>>> Cc: zope-dev@zope.org
>>> Betreff: Re: [Zope-dev] Trying to set roles/permissions programmatically
>>> - Now I have a headache!
>>>
>>>
>>> Danny William Adair writes:
>>> > I want to set the roles of a permission and turn acquisition
>>> of a permission
>>> > (mapping) on and off programmatically. And of course I want to get a
>>> > permission by its name. This looks definitely more complex
>>> than simply
>>> > changing an object's property!
>>> My standard response to questions like this:
>>>
>>> You know, you can do this via the Management Interface.
>>>
>>> Its code will tell you, how you can do it: the necessary
>>> method names and their parameters.
>>> After you know the names, you look for further documentation:
>>> the Zope Help, maybe the new Zope Developer Guide,
>>> the source.
>>>
>>> The source for the updating of permissions is
>>> "AccessControl/dtml/access.dtml".
>>> The methods are defined in various Python files
>>> in "AccessControl".
>>>
>>>
>>> Dieter
>>>