[Zope] Permissions question
Dieter Maurer
dieter@handshake.de
Wed, 18 Dec 2002 23:19:48 +0100
Kevin Carlson writes:
> ....
> If I log in as a user that has access to the Root Folder, all is well.
> However, when I log in as a user that is listed in the acl_users folder
> contained in Folder 2.1, catalog searches are getting fouled up.
You may look how CMF solves this problem (authorization dependent
query results):
It has a specialized keyword index "AllowedRolesAndUsers".
A document's value for this index is the list of roles
that should be allowed to see this object in query results.
A query is implicitly extended with a subquery against
this index. The value is the list of roles associated
with the current user.
Dieter