[Zope] NUXUserGroups Zope security
Sion Morris
s.morris@bangor.ac.uk
Fri, 12 Jul 2002 13:18:25 +0100
Hi,
To get a list of users for a particular group (using NuxUserGroups)
using the following python script
group=context.acl_users.getGroupById(groupname)
users=group.getUsers()
return users
I get an error: 'You are not allowed to access getUsers in this context'
In order to get the list I created an external method with the following
based on stuff from ZopeLABS:
def get_list_of_users(self, groupName):
acl_users = getattr(self, 'acl_users')
groups = acl_users.getGroupById(groupName).__of__(acl_users)
usernames = groups.getUsers()
return usernames
and it works.
So to access any methods of objects from a python script or DTML I have
to create an external method? Is this right. Would some kind soul
explain why this is the case or if I'm doing it incorrectly or I missed
something.
I have read the security.declareProtected stuff on ZDG and noticed that
getUsers has
security.declareProtected(ManageUsers, 'getUsers'). The python script
above has a proxy role of manager which has permission to 'Manage users'.
Many thanks,
Sion