[Zope] Heres my canView Method
Jay, Dylan
djay@lucent.com
Wed, 16 Jun 1999 16:20:01 +1000
This method will in most instances return 1 if the specified user can view a
particular object. You have to give it a string path of the object relative
to the current context. It will handle url type paths as well ie
<!--#if "canView('folder/index_html', AUTHENTICATED_USER)"--> and
<!--#if "canView('folder.index_html', AUTHENTICATED_USER)"--> will both
work.
I think this will give the correct result in most cases. However I stil
think it should be an built in method as I think the code below is quite
slow and if the real user validation code is done at the C level then it
would be better to use that.
from AccessControl.Permission import Permission
import string
def canViewObj(SomeObject, userRoles):
if hasattr(SomeObject,'_View_Permission'):
Roles = getattr(SomeObject,'_View_Permission')
if 'Anonymous' in Roles:
return 1
else:
for i in userRoles:
if i in Roles:
return 1
# ok, try parents
if SomeObject.acquiredRolesAreUsedBy('View') != '':
return canViewObj(SomeObject.aq_parent, userRoles)
else:
return 0
elif hasattr(SomeObject, 'aq_parent'):
return canViewObj(SomeObject.aq_parent, userRoles)
else:
return 1 # Not sure about this case.
def canView(self, objName, AUTHENTICATED_USER):
objName = 'self.'+string.replace(objName,'/','.')
objName = string.replace(objName,'..','.')
try: SomeObject = eval(objName)
except: return 0
return canViewObj(SomeObject, AUTHENTICATED_USER.getRoles())