[Zope-PAS] local roles plugins

Kapil Thangavelu hazmat at objectrealms.net
Mon Feb 7 17:44:21 EST 2005


hi folks,

i'd like to see a new plugin type for local roles plugins. the major
driving reason is to enable a local roles blocking policy on containers.

i've got a version of it implemented and if its sounds good i'll setup a
pas branch with the code. the implementation patches propertied user and
setups a new plugin type based on the following interface.

-kapil

class ILocalRolesPlugin( Interface ):
    """
    plugin for determining a user's local roles and object access based 
    on local roles.
    """

    def getRolesInContext( user, object):
        """
        Return the list of roles assigned to the user.

        o Include local roles assigned in context of the passed-in
          object.
        """

    def checkLocalRolesAllowed( user, object, object_roles):
        """
        Check whether the user has access to object based
        on local roles. access is determined by a user's local roles
        including one of the object roles.
        """

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mail.zope.org/pipermail/zope-pas/attachments/20050207/7d1bf989/attachment.bin


More information about the Zope-PAS mailing list