[Zope] Customizing or Hooking Access Control
Dieter Maurer
dieter@handshake.de
Mon, 23 Jun 2003 00:00:46 +0200
rossp@ppc.ucsc.edu wrote at 2003-6-20 17:01 -0700:
> I have a bunch of classes and objects that have a boolean 'active'
> attribute that gets set on and off variously throughout my code. I
> also have a 'View Inactive' permission that I use in some of my own
> object listing methods.
>
> But what I really want is to be able to control the AccessControl
> validation. I would like to be able to say that if an object is
> active (its 'active' attribute is on) that someone who has the 'View'
> permission can visit it. If the object is inactive, however, I would
> like to be able to say that someone who doesn't have the 'View
> Inactive' permission can't visit it.
>
> It would seem that this could be fairly easily accomplished with
> something like manage_beforeDelete, manage_beforeValidate for example,
> where I can reject the validation before the rest of the checks are
> made. Niether the docs, nor googling, nor reading the source, nor
> pestering #zope has yielded anything so far so here I am pestering the
> list.
>
> Any ideas? Thanks.
The architecture provides a hook for this.
Zope fill the hook with "ZopeSecurityPolicy".
Look at the source to determine how you can provide your
own hook.
Dieter