[Zope] dtml-in and skip_unauthorized not working?
Dieter Maurer
dieter@handshake.de
Sat, 11 Aug 2001 09:38:05 +0200 (CEST)
Mike Renfro writes:
> On Fri, Aug 10, 2001 at 11:06:09PM +0200, Dieter Maurer wrote:
>
> > Many people ignore "ZopeFind". It's a pity! "ZopeFind" is very
> > helpful.
> >
> > It can filter on permission and provides much better control than
> > "skip_unauthorized" (which simply can check for object access
> > ("Access contents information" for most objects, "View" for a few
> > specials).
>
> Great. I saw that argument in the code for it, but it wasn't clear
> what format the parameter should take. Any examples?
There is a prominent example: the "Find" tab in Zope's ZMI.
Looking at it, you will find that:
"obj_permission" is a permission name
"obj_roles" is a list of roles
If both are specified, "ZopeFind" find the objects
where the specified roles have the given permission.
The ZMI is a really rich repository of examples....
Often, they are even documented (as in the case of the
"Find" tab)....
Dieter