[Zope] SecurityCheckPermission

Paul Winkler pw_lists@slinkp.com
Mon, 29 Jul 2002 14:08:23 -0400


On Fri, Jul 26, 2002 at 03:17:05PM -0400, Paul Winkler wrote:
> On Fri, Jul 26, 2002 at 12:49:03PM -0400, NathanDunn@ctimi.com wrote:
> > What is the TAL equivelant to:
> > 
> >                                                                             
> >  <dtml-if "                                                                 
> >  _.SecurityCheckPermissio                                                   
> >  n('Delete objects',this                                                    
> >  ())">                                                                      

(snip)
> I think what you really want is this:
> http://www.zope.org/Members/peterbe/DTML2ZPT/#example17
> 
> I haven't seen any documentation of what the skip parameter is,
> and I haven't had a chance to look through the source code to
> see what it does.

OK, now I have. The poorly-named "skip" parameter is a string representing
the permission required in order for the item to NOT be skipped.

So the following two approaches produce output that looks the same:

<p> list filtered with SecurityManager follows... </p>

<ul tal:define="sm modules/AccessControl/getSecurityManager;
                objs python:here.objectValues()"> 
   <span tal:repeat="ob objs">
     <li tal:condition="python:sm.checkPermission('Delete objects', ob)"
         tal:content="ob/title_or_id">  item name goes here  </li>
   </span>
</ul>

<p> list filtered with LazyFilter follows...</p>

<ul tal:define="ztu modules/ZTUtils;
                all_objs python:here.objectValues();
                authobjs python:ztu.LazyFilter(all_objs, skip='Delete objects')">
     <li tal:repeat="ob authobjs"
         tal:content="ob/title_or_id"> item name goes here </li>
</ul>


I think the second variant is cleaner. The <span> tag or a similar
workaround is required in the first variant, because apparently 
putting the tal:repeat and tal:condition in the same tag 
causes a NameError on ob.

-- 

Paul Winkler
home:  http://www.slinkp.com
"Muppet Labs, where the future is made - today!"