[Zope] Permissions on ZClass

Darin Lee dlee@usol.com
Thu, 22 Mar 2001 20:35:36 -0800


Zopistas,

I have a custom set of ZClasses all living together in a product I have
created (a news folder where authors can post articles and photographs) but
something strange is happening with authentication.

If an author logs in to the Zope site root and selects my News folderish
object for editing purposes, I can determine the AUTHENTICATED_USER variable
and all is well.

Like so -- http://my.zope.site/manage

However, If the author comes into my ZClass directly, the AUTHENTICATED_USER
variable still reports that they are anonymous - even though they are
authorized and able to access (however you can see their user name in the
left frame).

Like so -- http://my.zope.site/news/manage

If they visit the site root and re-visit the news folderish object then
AUTHENTICATED_USER is set properly and all is well. I need it to work
becuase I'm using AUTHENTICATED_USER to determine who is writing the
articles and binding that information to another ZClass which contains a
photograph, biography information and other tidbits of info.

I'm having some difficulty grokking Zope Permissions, so if anyone has any
thoughts, I would greatly appreciate it! (I did read the permissions chapter
in the ZB - but the mappings in ZClasses are still reeeeaaalllly fuzzi to
me). My understanding was that AUTHENTICATED_USER should be set by the
closest acl_users folder up the tree.

Thanks in advance,
-Darin