[Zope] Adding Security permissions/roles to a product

MidnightFears@aol.com MidnightFears@aol.com
Wed, 7 May 2003 11:59:37 EDT


--part1_1ad.13d2e87c.2bea8769_boundary
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

In researching how to implement customized security for my product, I have 
seen two ways to approach this. The first is through the __ac__permissions 
and the second is through the use of the ClassSecurityInfo. 

In attempting the first way, I declared the following in my class:

   __ac_permissions__= Folder.__ac_permissions__ + (
      ('View',
          ('Administrator', 'Manager', 'Custodian', 'Restricted Access'),
      ), 
      ('Access contents information',
          ('Administrator', 'Manager', 'Custodian', 'Restricted Access'),
      ), 
      ('View management screens',
          ('manage', 'manage_main', 'manage_workspace',),
          ('Administrator', 'Manager', 'Custodian', 'Restricted Access'),
      ), 

   )

Nothing spectacular here, however, the Custodian can't get access to any of 
the management screens. I am pulling my hair out over this one.

What am I doing wrong? Should I be using the ClassSecurityInfo instead? Does 
anyone have a good resource that will show me how to go about implementing 
security?

Thanks in advance!!

--part1_1ad.13d2e87c.2bea8769_boundary
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

<HTML><FONT FACE=3Darial,helvetica><FONT  SIZE=3D2 FAMILY=3D"SANSSERIF" FACE=
=3D"Arial" LANG=3D"0">In researching how to implement customized security fo=
r my product, I have seen two ways to approach this. The first is through th=
e __ac__permissions and the second is through the use of the ClassSecurityIn=
fo. <BR>
<BR>
In attempting the first way, I declared the following in my class:<BR>
<BR>
&nbsp;&nbsp; __ac_permissions__=3D Folder.__ac_permissions__ + (<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('View',<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('Administrator', 'Ma=
nager', 'Custodian', 'Restricted Access'),<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ), <BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('Access contents information',<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('Administrator', 'Ma=
nager', 'Custodian', 'Restricted Access'),<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ), <BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('View management screens',<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('manage', 'manage_ma=
in', 'manage_workspace',),<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ('Administrator', 'Ma=
nager', 'Custodian', 'Restricted Access'),<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ), <BR>
<BR>
&nbsp;&nbsp; )<BR>
<BR>
Nothing spectacular here, however, the Custodian can't get access to any of=20=
the management screens. I am pulling my hair out over this one.<BR>
<BR>
What am I doing wrong? Should I be using the ClassSecurityInfo instead? Does=
 anyone have a good resource that will show me how to go about implementing=20=
security?<BR>
<BR>
Thanks in advance!!</FONT></HTML>

--part1_1ad.13d2e87c.2bea8769_boundary--