[Zope-dev] "dynamic permissions" in zope

[Dieter Maurer]

Heinz-Josef Claes writes:
 > .... dynamic permissions ....
It is not Zope's normal behaviour.

Of cause, you could plug in a new UserFolder that
implements the features you require (someone else
recommended "LoginManager").

On the other hand, Zope is flexible enough to let you
approximate the desired behaviour - at the expense
of a bit extra work:

  You create a folder like ZClass for your documents.
  Each document goes into its own ZInstance.
  You ensure, that the document is not accessible directly.

  You give your ZClass a method "index_html".
  It performs your application specific security
  checking. If the check succeeds, it renders
  the document.

  You may need to set a proxy role for your
  "index_html" be able to render the document.

  This approach is only an approximation.
  It looses the fine grained permission checking
  during the rendering of your document.

Dieter