[Zope] permissions check without triggering login

Steve Spicklemire steve@spvi.com
Mon, 13 Dec 1999 09:31:21 -0500 (EST)


Hi Martijn,

   Could you set the 'proxy' for that method to have a role
that can check with impunity?

-steve

Martijn wrote:
----------------------------------------------------------------------

Hi there,

I'd like to make a DTML method that produces a list of all subfolders
that the user has permission to see; i.e. if Anonymous isn't allowed to
'View' a certain folder I don't want that folder to show up in the list.

This howto seemed perfect for my purposes:

http://www.zope.org/Documentation/How-To/DetectRoles

However, when I actually applied it I ran into a problem I can't seem to
get around. I have a folder called 'test1' which has 'Access contents
information' and 'View' permission turned off for Anonymous. Now, I have
the following dtml_method (in the parent folder of test1):

<dtml-if "AUTHENTICATED_USER.has_permission('View', test1)">
<p>Can be viewed!</p>
<dtml-else>
<p>Can't be viewed!</p>
</dtml-if>

Unfortunately, when I try this with an anonymous user, this displays the
login dialog when executed. I just want to see 'Can't be viewed!'. Is
this possible, and if so, how?

Regards,

Martijn