[Zope] Common Folders and Security
Stuart Nicholson
stuart.nicholson@wirelessdatanz.com
Wed, 3 Oct 2001 09:25:04 +1200
I have a common set of resources I want individual clients to access, but I also want the clients to supply their own secure contexts. However, being something of a Zope newbie, I'm a little hazy on how I should implement the security in Zope.
I have a folder structure as follows:
- Common
    Common resources (dtml method, images etc. etc.)
- Clients
    - AndyInc
        - acl_user Folder (Users from AndyInc)
    - BobCorp
        - acl_user Folder (Users from BobCorp)
I can set 'Authorised' security on the AndyInc and BobCorp folders and then do things like:
http://zope/Common/AndyInc/CommonResource
and Zope will ask Andy to authorise himself before publishing CommonResource in the AndyInc context.
http://zope/Common/BobCorp/CommonResource
has the same effect, only now Bob has to authorise himself.
QUESTION: But how do I specify security settings (Roles? Proxy Roles??) so that I can stop users from doing things like:
http://zope/Common/AndyInc/BobCorp/CommonResource
Where because of the naïve security settings I'm using, Zope will ask Andy to authenticate himself and having done so will grant access to CommonResource but in the BobCorp context. Which is NOT what I want.
Do I need to create a new Role for each client folder and then grant that Role to the users authorised by the client folder? Is there a better way? Any help greatly appreciated!
Stuart Nicholson
Software Engineer.
Wireless Data
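
The behaviour described in the post, as an added example that is not part of the original message and is not Zope's own code: a simplified model of the access check, comparing a shared role on both client folders with the per-client role the post asks about. It assumes the check consults the user folders of the traversed containers innermost first; the logins andy and bob and the role names AndyIncUser and BobCorpUser are hypothetical.

```python
# Simplified model of the access check described in the post; NOT Zope's code.
# Assumption: the user folders of the traversed containers are consulted
# innermost first, and the first one that knows the login with a role
# required by the publishing context grants access.

class Folder:
    def __init__(self, name, users, required_roles):
        self.name = name
        self.users = users                        # login -> set of roles (the acl_users folder)
        self.required_roles = set(required_roles)  # roles allowed to view in this context


def authorize(path, login):
    """Return True if `login` may publish a common resource in the context
    of path[-1]. `path` lists the traversed folders, outermost first."""
    required = path[-1].required_roles
    for folder in reversed(path):                 # innermost user folder first
        roles = folder.users.get(login)
        if roles is not None and roles & required:
            return True
    return False


def build(per_client_roles):
    """Build the two client folders (constructed sample data)."""
    if per_client_roles:
        # Hypothetical role names: one role per client folder, granted only
        # to the users defined in that folder's own user folder.
        andy = Folder("AndyInc", {"andy": {"Authenticated", "AndyIncUser"}}, {"AndyIncUser"})
        bob = Folder("BobCorp", {"bob": {"Authenticated", "BobCorpUser"}}, {"BobCorpUser"})
    else:
        # The setting from the post: any authenticated user satisfies both folders.
        andy = Folder("AndyInc", {"andy": {"Authenticated"}}, {"Authenticated"})
        bob = Folder("BobCorp", {"bob": {"Authenticated"}}, {"Authenticated"})
    return andy, bob


def check(per_client_roles):
    """Evaluate the own-context and cross-context requests for user andy."""
    andy, bob = build(per_client_roles)
    return {
        "AndyInc/CommonResource": authorize([andy], "andy"),
        "AndyInc/BobCorp/CommonResource": authorize([andy, bob], "andy"),
    }


if __name__ == "__main__":
    for per_client in (False, True):
        print("per-client roles:", per_client, check(per_client))
```
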