[Zope] Trying to understand __roles__
James W. Howe
jwh@allencreek.com
Tue, 22 Feb 2000 13:25:17 -0500
In previous e-mails I've described a problem that I've been having with my
management tabs. I have a subclass of Folder which is displaying the
Contents tab even though the currently authenticated user shouldn't have
access to it. If my folder defines it's own "manage_main" instead of
inheriting it from ObjectManager, the Contents tab is not visible to users
who shouldn't see it. After spending some time with the debugger, I found
the following bit of information:
If I inherit manage_main from ObjectManager, when the object representing
manage_main is asked for its '__roles__', it answers a list of ['Manager',
'Publisher', 'Manager']. I don't exactly understand where this information
comes from, and, more importantly, why it contains my 'Publisher' role. If
I define manage_main in my Folder subclass, however, asking manage_main for
its '__roles__' answers ['Manager']. This seems like the correct answer to me.
I have the feeling that there is some key concept about Zope and/or Python
that I'm not getting. Why does the inherited manage_main have different
__roles__ than if I define it in my subclass? How would it have managed to
pick up a role (Publisher) that hasn't been assigned to it (to the best of
my knowledge)? Finally, can someone tell me where I can see how __roles__
is implemented? I can't seem to find it.
Thanks.
James W. Howe mailto:jwh@allencreek.com
Allen Creek Software, Inc. pgpkey: http://ic.net/~jwh/pgpkey.html
Ann Arbor, MI 48103