[Zope] has_permission for arbitrary user
Mark N. Gibson
mark@kaivo.com
Fri, 7 Sep 2001 17:36:44 -0600 (MDT)
>
> >
> > Mark N. Gibson writes:
> > > <dtml-if expr="acl_users.getUser('someuser').has_permission('Change DTML
> > > Document',this())">
> > > Yes
> > > <dtml-else>
> > > No
> > > </dtml-if>
> > >
> > > Unfortunately, has_permissions seems to be implented to call
> > > has_permission on the currently logged in user; i.e. AUTHENTICATED_USER.
> > I doubt this very much!
> >
> > But "getUser" is probably protected.
> > You may consider using a proxie role...
> >
>
> Here's the code for has_permission from the BasicUser Class
>
> def has_permission(self, permission, object):
> """Check to see if a user has a given permission on an object."""
> return getSecurityManager().checkPermission(permission, object)
>
> Draw your own conclusions.
>
> I wrote my own to deal with the problem:
Oops. There's a typo in the code below, should be
>
> def hasPermissions( user, obj, permissions ):
> """ check to see if user has permissions for object """
>
> # if type(permissions) == type(''):
> # roles = [roles]
if type(permissions) == type(''):
permissions = [permissions]
>
> #get roles for user, include local roles on obj
> userRoles=user.getRoles() + obj.get_local_roles_for_userid(user.getUserName())
> for perm in permissions:
> objRoles=obj.rolesOfPermission(perm)
> for oRole in objRoles:
> if oRole['name'] in userRoles:
> if oRole['selected']:
> return 1
> return 0
>
>
> > Dieter
> >
>
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>