[Zope] Assigning roles in context from groups
John K. Hohm
jhohm@acm.org
Wed, 18 Sep 2002 18:41:22 -0500
Dieter writes:
> John K. Hohm writes:
> > I am using LDAPUserFolder with Zope 2.5.1 to authenticate users. I have users
> > in groups (which show up as roles in Zope) such that the group names are part
> > of some folder names, and I want to put the users in roles in the context of a
> > folder based on whether they are in a group that matches the folder name and a
> > certain role name. This should allow me to assign permissions to those roles
> > in a containing folder and have them apply only to the folders that a user is
> > in a group for.
> A non-trivial request...
>
> Look at NuxUserGroups. It goes some way into this direction. Probably, it still
> does not give you everything you want.
Thanks for the pointer, Dieter. I took a cue from NuxUserGroups and added a
module to my product that overrides the BasicUser.getRolesInContext and
BasicUser.allowed methods to also add the result of
__ac_local_roles_for_user__(self) to the local roles. I'd rather not be
modifying standard Zope objects, but I don't see another way to give a user
roles depending on a relationship between its other roles and the folder's name;
__ac_local_roles__ when called doesn't get passed the user.