[Zope] Zclass and Permissions: Delete Instances?
Dieter Maurer
dieter@handshake.de
Mon, 24 Jun 2002 21:47:33 +0200
wchr writes:
> thx - quite obvious. so - am i wrong if i consider that for somehow=20
> inconsistent? the zope-security-model allows me to delegate add- and=20
> edit-permissions depending on meta_type, but concerning "Delete Object=
s"=20
> i=B4m only able to either disallow it or generally allow it for a=20
> certain context/role...
That's what the standard Zope permission system gives you.
It's an artifact of the fact that you have type specific
constructors but a generic (type independent) object deletion method.
You can build your own (type specific) deletion method
and protect it in any way you like. It would make the object deletion
security checks you like and then call the containers
"manage_deleteObject" to delete the object. It may need
a "proxy role" to overpower the restrictions you will probably
impose on "manage_deleteObject".
Dieter