[Zope] Problem using AUTHENTICATED_USER

[Dieter Maurer]

=?iso-8859-1?q?J=E9r=F4me=20Loisel?= writes:
 > I am somewhat unable to check whether or not the user has manager access to 
 > some object object. The following does not work as expected:
 > 
 > <dtml-if "AUTHENTICATED_USER.has_role('Manager', _.getitem('.news'))">
 >   <P>Blah.</P>
 > </dtml-if>
 > 
 > Instead of getting a true result if the user has manager acces to the .news 
 > item (a folder), I get a true result if the user has manager access to his 
 > context.
I do not understand what "his context" means.

Nevertheless, I will make some remarks. Perhaps, they are of help:

 * "has_roles(roles,object)"
   will return "true", when the user globally has one of the
   roles in "roles"

 * it will return "true", when the user has one of the
   roles as a local role in an ancestor of "object"

 * There might be a bug in "AccessControl.User.User.getRolesInContext":
   the "__ac_local_roles__" are not looked up in the object
   itself but in its "aq_inner" (if it exists).

   I am not sure, however, whether this makes a difference,
   probably not.

 > Related question: How do I access AUTHENTICATED_USER from Python?
AUTHENTICATED_USER is a REQUEST member.

Depending in what kind of Python you are, you could use something
like:

	self.REQUEST.AUTHENTICATED_USER (External Method)

or

	context.REQUEST.AUTHENTICATED_USER (Python Script)

or

	REQUEST.AUTHENTICATED_USER (if REQUEST passed as parameter)



Dieter