[Zope] Setting properties based on security
Martijn Pieters
mj@antraciet.nl
Wed, 03 Mar 1999 09:35:46 +0100
At 22:25 02/03/99 , Robin Dunn wrote:
>I have a folder with various boolean properties associated with it which are
>accessed by the dtml docs as flags for enabling or disabling content. Turn
>off the flag and a chunk of the page goes away when it is next viewed. This
>works great, but I would like to associate that behaviour with the security
>attributes. In other words, when somebody in the Anonymous role is viewing
>objects in the folder the properties should be unset, but when users in the
>manager (or some other specific role) view the pages then the properties
>should be set and those parts of the pages are activated.
>
>How can this be done?
>
You could, using AUTHENTICATED_USER.has_role() and manage_changeProperties(). I
think it will be better if you completely skip the property setting though..
You could just show content using
<!--#if ATHENTICATED_USER.has_role(['Anonymous'])-->
Content _only_ for the Anonymous user
<!--#/if-->
<!--#if ATHENTICATED_USER.has_role(['Manager'])-->
Content for users with the Manager role.
<!--#/if-->
This way you don't accidently let any properties float around, causing content
to be shown to the wrong people.
--
M.J. Pieters, Web Developer
| Antraciet http://www.antraciet.nl
| Tel: +31-35-6254545 Fax: +31-35-6254555
| mailto:mj@antraciet.nl http://www.antraciet.nl/~mj
| PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149
------------------------------------------