[Zope] LDAPUserSatellite - Misunderstood usage?

Chris Connett chrisconnett at gmail.com
Mon Oct 4 22:03:57 EDT 2004


On Mon, 4 Oct 2004 17:22:12 +0100, Jens Vagelpohl <jens at dataflake.org> wrote:

I went ahead and traced the whole process by adding my own logging
statements to the source starting with ``allowed`` and following
everything.  (The proper versions of methods are indeed getting
called, so that's not an issue.)  I noticed though that it seems in
LDAPUserSatellite.py, in ``getAdditionalRoles``, it only goes through
the *roles* that the user object has, and adds more roles that those
*roles* map to in ``self.groups_map`` (self is the LUS), but it does
not go through LDAP *groups* that the user has.  My LUF gives only
groups to specific users.  I have no Zope roles specifically for my
groups; it is my intent that the groups map to existing roles like
'Manager' in certain contexts.

Has this been my misunderstanding?  Are you supposed to create a Zope
role for every group in an LUF, and include the trivial mapping from
the group to the role in the LUF, then just use LUS for adding roles
based on roles only?

Or is LUS supposed to be able to add roles based on groups and there
is something else wrong?

-- 
Chris Connett


More information about the Zope mailing list