[Zope] A thing about roles I don't get...

massimo massimop at users.berlios.de
Mon Sep 27 17:01:56 EDT 2004


...perhaps not the only thing I don't get but..

Hi to all,

I have a folder that should be 'operated' only by a certain group of
users so I created a local role and then activated the 'Access contents
information' permission only for this role (and for manager, just in case).
Now I would like to test with a python script if the folder is
accessible to the current user, to build dynamically a menu so I tried
this script based on the one in the chapter 'Users and Security' of the
Zope Book:

#################################################################
## Script (Python) "check"
##bind container=container
##bind context=context
##bind namespace=
##bind script=script
##bind subpath=traverse_subpath
##parameters=
##title=
##
# Import a standard function, and get the HTML request and response objects.
from Products.PythonScripts.standard import html_quote
request = container.REQUEST
RESPONSE =  request.RESPONSE

from AccessControl import getSecurityManager
sec_mgr = getSecurityManager()
return sec_mgr.checkPermission('Access contents information',
context.restrictedTraverse('/path/to/folder'))
##################################################################

It doesn't work the way I hope, It ask me to authenticate claiming that
I'm not allowed to access the object.

I suppose this is the correct behavior, probably I miss something that
is in front of my eyes, but a this point I really need a little help...
please

thanks
massimo

p.s. yes, I'm a zope beginner







More information about the Zope mailing list