[Zope] Questions on roles and permissions
Dieter Maurer
dieter@handshake.de
Wed, 4 Apr 2001 23:49:12 +0200 (CEST)
Fernstrom, Christer writes:
> 1) I want the same *authenticated user* to have different permissions at different parts of my server. Are local roles the best way to handle this?
Yes
> 2) How can I get hold of the local user roles?
> <dtml-var expr="AUTHENTICATED_USER.getRoles()"> only returns the global role
> associated with the authenticated user.
The Online Documentation says:
give the "getRoles" an object as argument, then it should
return the roles relative to this object.
But, the code says, it will not work.
--> Collector
You can use "getRolesInContext"; unfortunately, this is undocumented
--> Collector
> 3) Is there a way to retreive the permissions that the authenticated user has on a given object?
You can use "has_permission" to test for a sepific permission.
I do not know of a way to get a permission list.
> 4) I have observed that when a user has been authenticated at a deeper level in the folder hierarchy, then <dtml-var expr="AUTHENTICATED_USER.getUserName()"> on a higher level yields 'Anonymous User'. Bug or normal behaviour?
It should be precisely this way.
Details in
URL:http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html
Dieter