[Zope] RE: What method do I use to check access? (and how do I do 'getitem' in an external method?)

Jay, Dylan djay@lucent.com
Tue, 8 Jun 1999 12:49:39 +1000 

> -----Original Message-----
> From: Howard Clinton Shaw III [mailto:shawh@sths.org]
> Sent: Thursday, May 27, 1999 21:45
> To: Jay, Dylan
> Cc: 'zope@zope.org'
> Subject: Re: [Zope] RE: What method do I use to check access?
> 
> 
> On Wed, 26 May 1999, Jay, Dylan wrote:
> > The problem with your solution is that it doesn't take into 
> account aquired
> > permissions.
> > 
> > >for i in AUTHENTICATED_USER.getRoles():
> > >	if i in SomeObject._View_Permission.getRoles():
> > >		return 1
> > >return 0
> 
> Oops. Think I just sent a message to the list which you had 
> already answered.
> OK, with respect to acquisition, the Permission object 
> explicitly abandons
> (assuming I understand this right) acquisition by setting the 
> obj it gets equal
> to obj.aq_base if such exists. Now this would be a severe 
> kludge, but since
> encapsulation in python is largely imaginary, you could try this:
> 
> SomeObject._View_Permission=obj
> for i in AUTHENTICATED_USER.getRoles():
> 	obj=SomeObject._View_Permission.obj
> 	if i in SomeObject._View_Permission.getRoles():
> 		SomeObject._View_Permission=obj
> 		return 1
> SomeObject._View_Permission=obj
> return 0
> 
> Or conceivably:
> 
> P = Permission('View','',SomeObject)
> P.obj=SomeObject
> for i in AUTHENTICATED_USER.getRoles():
> 	if i in P.getRoles():
> 		return 1

Ok, I'm still working on the problem. I've come upon a snag however. If I
pass in SomeObject above I will get an "You are not authorized to access
SomeObject" error. So instead I need to pass in the object id and get the
object myself. However I have had no luck working out how to do this. What I
need is the getitem method in an external method. Searching through all the
code as left me none the wiser.

Here's the closest I have.

from AccessControl.Permission import Permission

def hasPermission(self, pname, objName, AUTHENTICATED_USER):
  SomeObject = self.__getitem__(objName)
  P = Permission(pname,'',SomeObject)
  P.obj=SomeObject
  for i in AUTHENTICATED_USER.getRoles():
    if i in P.getRoles():
      return 1