[Zope] Password Conflict (Restatement)

Jeff Youel jeff@jeffyouel.com
Tue, 26 Nov 2002 22:52:57 -0800


On Tuesday 26 November 2002 05:04 pm, Dan Shafer wrote:
> My customer site has an acl_user folder at the top level. Only users
> whose names appear in that folder can update the site in any way. But
> the site includes a folder called Clearings which houses a set of
> Python scripts and HTML forms that together constitute an application
> which adds information to the Zope database (creates a folder and
> multiple documents).
>
> My client would like to allow anyone to whom he issues a password
> (which one of my scripts randomly generates on demand) the ability to
> run those scripts which update the site, but not do any other site
> updating or be able to see other aspects of the site.
>
> So when a person goes to the URL he gives them, they are challenged for
> a password. If they supply the proper password, they should then be
> allowed to visit the HTML forms which execute the Python scripts which
> in turn update the Zope database.
>
> I can't see how to use acl_users for this since I would have to either
> create a new user along with each new password generated or update the
> password for a pre-named user (like "client") in the acl_folder.
> Presumably even if I could figure out how to do that (which I haven't
> been able to do yet), I would need to create a new role for these
> individuals.
>
If I understand correctly, you have two mutually exclusive security zones=
=2E  If=20
possible, I would try to setup your folder structure to model that with t=
wo=20
acl_users folders.  Something like:

    new_client_root
        Clearings
            acl_users  =20
        current_top_level
            acl_users

HTH,
Jeff