[Zope] Fairly dumb SecurityCheckPermission question
Neil Burnett
neil@efc.be
Fri, 31 Aug 2001 17:22:15 +0200
Hi
I am using the security system for the first time, so this question could be
trivial.
I want to check in one DTML Method whether the current user has permission
to view another one. So I have tried the following, where editContact is the
target method.
<dtml-if expr="_.SecurityCheckPermission('View', editContact())">
<dtml-var expr="_.SecurityGetUser().getUserName()"> has permission
<dtml-else>
<dtml-var expr="_.SecurityGetUser().getUserName()"> is unauthorised
</dtml-if>
It always fails whether the current user has permission to view the target
method or not.
Worse, if the target method contains any dtml, the above code apparently
tries to evaluate it, but can't, and returns an error:
Error Type: KeyError
Error Value: standard_html_header
Note that if I change the target method to be this, as in:
<dtml-if expr="_.SecurityCheckPermission('View', this())">
it works how I expect (but not, of course, how I want)
Any helpful hints gratefully received.
Regards
Neil