[Zope] Re: newbie question: level of security

fatih oguz oguzfatih@unt.edu
Tue, 19 Nov 2002 15:03:46 -0600


the question is ..

i have created a portal under root .
we assigned new users and each user has a couple of folders 
i would like assign new users who will have access to only specific folders.
like this...

PORTAL

Member A
  folder_a ( users X,Y)
  folder_b (users Z,T)

Member B
  folder_1 ( users f,g)
  folder_2 (users a,d)


Member C
  folder_5 ( users X,Y)
  folder_9 (users e,T)

something like that...

1-i have created acl_users for each folder then defined the users.
http://url/portal/members/Member_A/folder_a  ....
redirected me to http://url/portal  , did not work

2-i have created new portal under each member define acl_users ,each project 
folders are defined as members etc...
this time everything looked OK. but the problem is all acl_users (A,B,C) have 
access to portal 
http://url/portal/members/A/portalA/

3- if some users are working on different folders for different members , can 
those users see the folders in their page. 

thanks in advance....
fatih


Quoting Maik Jablonski <maik.jablonski@uni-bielefeld.de>:

> fatih oguz wrote:
> > hi,
> > 
> > i guess such a question is asked before but i could not find anything in 
> > mailing list archives ( may be i used improper keywords).
> > 
> > i would like to assign new users ( their roles are project1, project2) who
> have 
> > access to only those project1 and project2 folders. those project folders
> are 
> > located under one of members' folder.
> > 
> > i guess it should be done thru defining local roles . but i could not do 
> > anything.
> 
> Put a new UserFolder (acl_users) in project1 and add all Members to it, 
> same thing with project2. To login to project1, call 
> "http://.../project1/manage"... and so on.
> 
> You should remove all the project*-members from all acl_users above the 
> new created project*-acl_users to secure your system.
> 
> -mj
> 
> 
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>