[Zope] A thing about roles I don't get...
massimo
massimop at users.berlios.de
Mon Sep 27 17:01:56 EDT 2004
...perhaps not the only thing I don't get but..
Hi to all,
I have a folder that should be 'operated' only by a certain group of
users so I created a local role and then activated the 'Access contents
information' permission only for this role (and for manager, just in case).
Now I would like to test with a python script if the folder is
accessible to the current user, to build dynamically a menu so I tried
this script based on the one in the chapter 'Users and Security' of the
Zope Book:
#################################################################
## Script (Python) "check"
##bind container=container
##bind context=context
##bind namespace=
##bind script=script
##bind subpath=traverse_subpath
##parameters=
##title=
##
# Import a standard function, and get the HTML request and response objects.
from Products.PythonScripts.standard import html_quote
request = container.REQUEST
RESPONSE = request.RESPONSE
from AccessControl import getSecurityManager
sec_mgr = getSecurityManager()
return sec_mgr.checkPermission('Access contents information',
context.restrictedTraverse('/path/to/folder'))
##################################################################
It doesn't work the way I hope, It ask me to authenticate claiming that
I'm not allowed to access the object.
I suppose this is the correct behavior, probably I miss something that
is in front of my eyes, but a this point I really need a little help...
please
thanks
massimo
p.s. yes, I'm a zope beginner
More information about the Zope
mailing list