[Zope] Stuck with newSecurityManager in an access rule
Gilles Lenfant
gilles at pilotsystems.net
Thu Sep 4 18:03:37 EDT 2003
Hi,
I used successfully newSecurityManager in a Product to change dynamically
the user during a transaction (running some methods as owner).
I tried to use this to change dynamically the user in a special folder
hierarchy based on a request parameter.
For doing this in this folder, I made standard user folder, a Python script
as access rule that calls an external method like this...
Python script (setUser1)...
====
container.setUser2(container)
return
====
External method setUser2...
====
from AccessControl.SecurityManagement import newSecurityManager
requestKey = 'an_userid'
def setUser2(container):
anUserId = container.REQUEST.get(requestKey, None)
userFolder = container.acl_users
if anUserId:
userObj = userFolder.getUser(anUserId).__of__(userFolder)
if userObj:
newSecurityManager(container.REQUEST, userObj)
return
====
The newSecurityManager is executed but seems to have no effect on the user
during the rest of the transaction :
<dtml-var AUTHENTICATED_USER> always shows "Anonymous User" in a template
for which the above access rule is executed, and the REQUEST has a valid
"an_userid" key.
Did I miss something somewhere ? Why such a construct works in a Product and
not in an external method ?
Many thanks in advance.
--Gilles
More information about the Zope
mailing list