[Zope] Zclass and Permissions: Delete Instances?

Dieter Maurer dieter@handshake.de
Mon, 24 Jun 2002 21:47:33 +0200


wchr writes:
 > thx - quite obvious. so - am i wrong if i consider that for somehow=20
 > inconsistent? the zope-security-model allows me to delegate add- and=20
 > edit-permissions depending on meta_type, but concerning "Delete Object=
s"=20
 >   i=B4m only able to either disallow it or generally allow it for a=20
 > certain context/role...
That's what the standard Zope permission system gives you.

  It's an artifact of the fact that you have type specific
  constructors but a generic (type independent) object deletion method.

  You can build your own (type specific) deletion method
  and protect it in any way you like. It would make the object deletion
  security checks you like and then call the containers
  "manage_deleteObject" to delete the object. It may need
  a "proxy role" to overpower the restrictions you will probably
  impose on "manage_deleteObject".


Dieter