[Zope] How to properly do navigation Bar without un-authorized
sub-objects?
Casey Duncan
cduncan@kaivo.com
Tue, 27 Feb 2001 09:41:35 -0700
Brad Clements wrote:
>
> On 27 Feb 2001, at 9:15, Casey Duncan wrote:
>
> > OK, how about if you call AUTHENTICATED_USER.has_permission() on each
> > NavBar method to see if the user has rights to call it?
>
> That does not work either. When I get the object to pass to
> has_permission, authentication kicks in.
>
> Here's what I'm doing
>
> /
> Z (folder)
> ShowNavBar Method
>
> Admin (folder) (No rights to this folder)
> ShowNavBar Method
>
> I need to know if the authenticated user (who may be anonymous) has
> rights to view Admin and/or Admin.ShowNavBar
>
> Seems there's no way to get the Admin object for use with
> has_permission without firing off authentication.
You should be able to avert the login box like so:
<dtml-try>
Whatever might fail due to lack of permissions
<dtml-except Unauthorized>
Whatever you do if not authorized (if anything)
</dtml-try>
I tried this on a similar hierarchy with a anonymous callable method in
an upper folder trying to call a method in a restricted folder lower
down the tree. It excepted without poping up the login box.
--
| Casey Duncan
| Kaivo, Inc.
| cduncan@kaivo.com
`------------------>