[Zope] Getting user permissions

Andy McKay andym@ActiveState.com
Wed, 16 May 2001 14:34:46 -0700 

Yep. The result is the same and its caused by Manager being the default role
for any permission.

Cheers.
--
  Andy McKay.


----- Original Message -----
From: "Chris McDonough" <chrism@digicool.com>
To: "Randall F. Kern" <randy@spoke.net>; "Andy McKay"
<andym@activestate.com>; "Steve Drees" <drees@the-bridge.net>;
<zope@zope.org>
Sent: Wednesday, May 16, 2001 12:29 PM
Subject: Re: [Zope] Getting user permissions


> Another (newer) way to do this is:
>
> from AccessControl import getSecurityManager
> getSecurityManager().checkPermission('Foo', ob)
>
> ----- Original Message -----
> From: "Randall F. Kern" <randy@spoke.net>
> To: "Andy McKay" <andym@ActiveState.com>; "Steve Drees"
> <drees@the-bridge.net>; <zope@zope.org>
> Sent: Wednesday, May 16, 2001 2:39 PM
> Subject: RE: [Zope] Getting user permissions
>
>
> I do this all over the place in a python product:
>
> user = getSecurityManager().getUser()
> if user.has_permission('Foo', ob)
>
> This is of course the same as your sample (if the user is a normal zope
> user object).  So I would look somewhere else for the problem.
>
> -Randy
>
> > -----Original Message-----
> > From: Andy McKay [mailto:andym@ActiveState.com]
> > Sent: Wednesday, May 16, 2001 11:18 AM
> > To: Steve Drees; zope@zope.org
> > Subject: Re: [Zope] Getting user permissions
> >
> >
> > > SecurityGetUser is the blessed way to get a user object.
> >
> > I thought that was just for DTML? Thats inside
> > /AccessControl/DTML.py...
> > This is a Zope product.
> >
> > Hmm I tried
> >
> >         s = getSecurityManager()
> >         for p in ['Foo',]:
> >             print s.checkPermission(p, parent)
> >
> > and still get 1 for everyting. I would have thought as a
> > default I would get
> > 0 at the least. Oh this is weird.
> >
> > Cheers.
> > --
> >   Andy McKay.
> >
> >
> > ----- Original Message -----
> > From: "Steve Drees" <drees@the-bridge.net>
> > To: "Andy McKay" <andym@activestate.com>; <zope@zope.org>
> > Sent: Wednesday, May 16, 2001 11:06 AM
> > Subject: RE: [Zope] Getting user permissions
> >
> >
> > > >         user = self.REQUEST['AUTHENTICATED_USER']
> > > >         for p in ['Foo',]:
> > > >             print user.has_permission(p, parent)
> > >
> > >
> > > SecurityGetUser is the blessed way to get a user object.
> > > > I get 1 for everything. Is has_permission the correct call?
> > >
> > > That I'm not sure of.
> > >
> >
> >
> > _______________________________________________
> > Zope maillist  -  Zope@zope.org
> > http://lists.zope.org/mailman/listinfo/zope
> > **   No cross posts or HTML encoding!  **
> > (Related lists -
> >  http://lists.zope.org/mailman/listinfo/zope-announce
> >  http://lists.zope.org/mailman/listinfo/zope-dev )
> >
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>
>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>