[Zope] AUTHENTICATED_USER?
Michel Pelletier
michel@digicool.com
Wed, 12 Jan 2000 14:23:17 -0500
> -----Original Message-----
> From: Guy Davis [mailto:davis@arc.ab.ca]
> Sent: Wednesday, January 12, 2000 1:49 PM
> To: zope@zope.org
> Subject: [Zope] AUTHENTICATED_USER?
>
>
> I am trying to disallow anonymous access for all but a handful of
> domains. This is easy to do with Apache, but how can it be done with
> Zope?
>
> The only thing I could think of was to have the following in the
> standard_html_header.
>
> <dtml-if "AUTHENTICATED_USER == 'Anonymous User'" >
> {if remote address is acceptable}
> {show the true page}
> {else show an error message}
> <dtml-else>
> {show the true page}
> </dtml-if>
>
> However the above expression never evaluates to true even when
> <dtml-var AUTHENTICATED_USER> shows 'Anonymous User' on the
> same page.
That is because AUTHENTICATED_USER is an object whose __str__() method
prints the user name as a string. This is not the same thing as the
user object being *equal* to a string.
> If I try to use string.find(), Zope complains that
> AUTHENTICATED_USER is
> a bad arguement.
Because it's type is not string, it is a user object.
Compare 'Anonymous User' with AUTENTICATED_USER.getUserName()
-Michel