[Zope] acl_users

Dylan Reinhardt zope@dylanreinhardt.com
Tue, 26 Nov 2002 10:37:22 -0800


Forgive me if I'm misunderstanding you, but are you adding new managers to 
your root acl_users folder?  That's not a very good plan.

You should have an acl_users folder at each point in your directory tree 
where permissions change.

Assume you have a setup like:

/
   a/
   b/
   c/

If you have three users (A, B, and C) who each have access to folders a, b, 
and c, respectively, each subfolder (a, b, c) should have an acl_users 
folder that contains one user.  I would then give set up each folder with 
View privileges (or whatever the minimum functional privilege set is) for 
Authenticated Users (not Manager).  User A won't be authenticated in folder 
b, only in folder a.

If you're creating these folders programmatically, it's reasonably easy to 
create acl_users and user objects at the same time.

If that's not enough, some additional detail on your goals would be helpful.

HTH,

Dylan

At 09:23 AM 11/26/2002, you wrote:

>Hi
>
>I'm having problems creating a new user in Zope. I want to allow a user 
>access to one folder only, so my thinking was;
>  - create a new user in acl_users and grant 'manager' role
>  - grant access on said folder to manager
>However, simply adding the new user changes the password for the admin 
>user as well, so i have to resort to a backup to continue (with no new user!).
>
>I'm obviously being very dim - I've tried searching the list but can't 
>find anything, any help gratefully received.
>
>Manfred
>
>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system 
>(<http://www.grisoft.com>http://www.grisoft.com).
>Version: 6.0.373 / Virus Database: 208 - Release Date: 01/07/2002
>