[Zope] Re: Zope Permissions

Butch Landingin butchland@yahoo.com
Tue, 14 Sep 1999 15:31:32 -0700 (PDT) 

This is the same message, but I think the python code is now
correctly formatted:

------- On Mon, 13 Sep 1999 17:34:23, Katrin
<katrin@beehive.de> wrote:

> hi everybody!
>
> i have a little problem with permission settings.
>
> i'm writing a product in python. the product installs dtml methods when
> installed in a folder. now i want zope to ask for the user name and the
> password when a certain page is rendered as an URL (zope doesn't have a user name yet).
>
>i found out that in order to get the zope login
window, i have to uncheck the view permission of the page (i mean the checkbox for
> acquire permission settings). how can i uncheck the box
> using python in my product? or how can i delete the view permission
> for this page in my product?

If I understand your problem correctly, you want to
install the DTML method to have the acquired
permissions for View permission unchecked, and then 
 
(I guess,) enabled view permission for some role
which you have defined a set of users for?
I did something like this with some Python code in a
homegrown user authentication class I've been
playing around with:

     # remove view and access permissions from  acquired permissions and anonymous role
     acq_permissions = your_method.permission_settings()
     new_permissions = []
     for d in acq_permissions:
        if d['name'] != 'View':
           new_permissions.append(d['name'])
     your_method.manage_acquiredPermissions(new_permissions)  
     your_method.manage_role(role_to_manage='Anonymous',permissions=new_permissions)

Basically, what it is doing is:
 
    1. get the current list of acquired permissions
       from your dtml_method (<object>.permission_settings())

    2. create a new list of permissions without the
       View permission (that's the what the loop is doing)    
       -- you could also just create a hardcoded list and not
       have to  loop (then you don't have to do the first
       step too)
 
    3. set your object's acquired permissions using
       (<object>.manage_acquiredPermissions(new_permissions)

    4. set the anonymous role's permissions to the
       the new permissions (w/o the View permission)
       (<object>.manage_role(role_to_manage='Anonymous',permissions=new_permissions))

    5. You also probably need add a step to add view
       permissions for some role (i.e. Manager) so that they
       have the view permission to access your method using the manage_role method
       (<object>.manage_role(role_to_manage='Manager',permissions=['View','View Management',...])

If you are writing your constructor method in DTML,
you probably could use the same methods that I used. The
only complication I see in writing it with DTML is
implementing the loop (which could be circumvented
if you use a hardcoded list)...
 
Hope this helps.
 
Best regards,
 
Butch Landingin
butchland@yahoo.com

__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com