[Zope] Getting user permissions
Randall F. Kern
randy@spoke.net
Wed, 16 May 2001 11:39:14 -0700
I do this all over the place in a python product:
user =3D getSecurityManager().getUser()
if user.has_permission('Foo', ob)
This is of course the same as your sample (if the user is a normal zope
user object). So I would look somewhere else for the problem.
-Randy
> -----Original Message-----
> From: Andy McKay [mailto:andym@ActiveState.com]
> Sent: Wednesday, May 16, 2001 11:18 AM
> To: Steve Drees; zope@zope.org
> Subject: Re: [Zope] Getting user permissions
>=20
>=20
> > SecurityGetUser is the blessed way to get a user object.
>=20
> I thought that was just for DTML? Thats inside=20
> /AccessControl/DTML.py...
> This is a Zope product.
>=20
> Hmm I tried
>=20
> s =3D getSecurityManager()
> for p in ['Foo',]:
> print s.checkPermission(p, parent)
>=20
> and still get 1 for everyting. I would have thought as a=20
> default I would get
> 0 at the least. Oh this is weird.
>=20
> Cheers.
> --
> Andy McKay.
>=20
>=20
> ----- Original Message -----
> From: "Steve Drees" <drees@the-bridge.net>
> To: "Andy McKay" <andym@activestate.com>; <zope@zope.org>
> Sent: Wednesday, May 16, 2001 11:06 AM
> Subject: RE: [Zope] Getting user permissions
>=20
>=20
> > > user =3D self.REQUEST['AUTHENTICATED_USER']
> > > for p in ['Foo',]:
> > > print user.has_permission(p, parent)
> >
> >
> > SecurityGetUser is the blessed way to get a user object.
> > > I get 1 for everything. Is has_permission the correct call?
> >
> > That I'm not sure of.
> >
>=20
>=20
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -=20
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>=20