[Zope] checking view permissions

Tom Rockwell rockwell@pa.msu.edu
Sat, 27 Apr 2002 15:44:43 -0400


Hi,

I have a simple file library type page, and am tweeking it a bit so that 
  anonymous users don't see all the file upload options etc.

I'd like to hide the "add file" link from anonymous viewers.  On the 
dtml method that shows a file upload form, I changed the "View" 
permission to "Authenticated" users.  On the file library page, I 
wrapped a <dtml-if> around the code that makes the link to the upload page:

<dtml-if "AUTHENTICATED_USER.has_permission('View', upload)">
<a href="upload">Upload</a>
</dtml-if>

However, for unauthenticated users, Zope gives the error that "upload" 
doesn't exist.  So apparently, if a user can't View an object, they also 
can't call .has_permission('View' object).  Am I missing something?

To work around, I just used a <dtml-if upload>, dtml-if has nice 
behaviour when objects aren't found.

I'm using Zope 2.5.

Cheers,
Tom Rockwell