[Zope] Get current username within pythonscript

pskipwort@touchcorp.com pskipwort@touchcorp.com
Wed, 29 Jan 2003 11:47:51 +1100


Can someone tell me how to do this within a PythonScript ?

I've tried

from AccessControl import getSecurityManager
username=getSecurityManager.getUser().getUserName()

but get this error..."function attributes not accessible in restricted 
mode"

Any ideas ?

Cheers,

P



-----Original Message-----
From: bluepaul@earthlink.net [mailto:bluepaul@earthlink.net]
Sent: Wednesday, 29 January 2003 11:02 AM
To: Peter Skipworth; H.de.Wit@SFK.NL; zope@zope.org
Subject: Re: [Zope] Security question...


Can't you hide or show the "previous menu" based on something like:

<dtml-unless  "SecurityGetUser() .getUserName() in  ignoreUserList">
  put up that report option ...
</dtml-unless>

note: ignoreUserList is a list like:  ['george','harry']  

Then users in the ignoreUserList will never see the menu option.

Simple, but I've used this approach in my projects.

David

  
----- Original Message ----- 
From: <pskipwort@touchcorp.com>
To: <H.de.Wit@SFK.NL>; <zope@zope.org>
Sent: Tuesday, January 28, 2003 3:11 PM
Subject: RE: [Zope] Security question...


> Thanks Hans...
> 
> It's nearly what I want...except the report will still be visible on 
the 
> previous menu - I guess the user would be able to click on it, but 
they 
> would be redirected to another page. It's a bit dirty - I wish there 
was 
> a better option! I'll keep fiddling :)
> 
> P
> 
> 
> -----Original Message-----
> From: H.de.Wit@SFK.NL [mailto:H.de.Wit@SFK.NL]
> Sent: Tuesday, 28 January 2003 7:56 PM
> To: Peter Skipworth; zope@zope.org
> Subject: Re: [Zope] Security question...
> 
> 
> 
> It is a little cheap, but this should work:
> You can exclude the two users (it is 1 report, isn't?) by adding a 
call 
> to
> a pythonscript to your report.
> content of the pythonscript something like this:
> 
> from AccessControl import getSecurityManager
> user = getSecurityManager().getUser()
> if user=="George" or name=="Saddam":
>   target='www.friendsforever.org'
>   RESPONSE.redirect(target)
>   return  # i don't know why, but this return seems to be necessary.
> 
> Hans de Wit
> Stichting Farmaceutische Kengetallen
> Postbus 30460
> 2500 GL  DEN HAAG
> Tel. 070-3737448
> Fax 070-3737445
> 
> 
> |---------+--------------------------->
> |         |           pskipwort@touchc|
> |         |           orp.com         |
> |         |           Sent by:        |
> |         |           zope-admin@zope.|
> |         |           org             |
> |         |                           |
> |         |                           |
> |         |           28-01-2003 05:36|
> |         |                           |
> |---------+--------------------------->
>   
> 
>-----------------------------------------------------------------------
> 
------------------------------------------------------------------------
> ---|
>   |                                                                    
  
>                                                                        
  
>    |
>   |        To:      zope@zope.org                                      
  
>                                                                        
  
>    |
>   |        cc:                                                         
  
>                                                                        
  
>    |
>   |        Subject: [Zope] Security question...                        
  
>                                                                        
  
>    |
>   
> 
>-----------------------------------------------------------------------
> 
------------------------------------------------------------------------
> ---|
> 
> 
> 
> 
> I thought this might be in the FAQ, but can't seem to find it in
> there...
> 
> I have a particular report which I want "Everyone with Role 'A' to be
> able to View except for users U1 and U2'
> 
> I do not want to remove U1 and U2 from Role A globally - is there an
> easy of of locally removing 'View' permission for 2 specific users, 
and
> retain View permissions for other users sharing the role ?
> 
> Thanks,
> 
> P
> 
> 
> PETER SKIPWORTH
> SYSTEM ADMINISTRATOR
> TOUCHCORP LTD
> TELEPHONE 03 9635 2626
> www.touchcorp.com
> 
> 
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
> 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )


_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )