[Zope] A thing about roles I don't get...
massimo
massimop at users.berlios.de
Tue Sep 28 05:21:48 EDT 2004
Jonathan Hobbs wrote:
>From: "massimo" <massimop at users.berlios.de>
>
>
>>I have a folder that should be 'operated' only by a certain group of
>>users so I created a local role and then activated the 'Access contents
>>information' permission only for this role (and for manager, just in
>>
>>
>case).
>
>
>>Now I would like to test with a python script if the folder is
>>accessible to the current user, to build dynamically a menu so I tried
>>this script based on the one in the chapter 'Users and Security' of the
>>Zope Book:
>>
>>#################################################################
>>## Script (Python) "check"
>>##bind container=container
>>##bind context=context
>>##bind namespace=
>>##bind script=script
>>##bind subpath=traverse_subpath
>>##parameters=
>>##title=
>>##
>># Import a standard function, and get the HTML request and response
>>
>>
>objects.
>
>
>>from Products.PythonScripts.standard import html_quote
>>request = container.REQUEST
>>RESPONSE = request.RESPONSE
>>
>>from AccessControl import getSecurityManager
>>sec_mgr = getSecurityManager()
>>return sec_mgr.checkPermission('Access contents information',
>>context.restrictedTraverse('/path/to/folder'))
>>##################################################################
>>
>>It doesn't work the way I hope, It ask me to authenticate claiming that
>>I'm not allowed to access the object.
>>
>>I suppose this is the correct behavior, probably I miss something that
>>is in front of my eyes, but a this point I really need a little help...
>>please
>>
>>
>
>It sounds like you need to set the Proxy role for your test python script to
>allow it to access the target object.
>
>
>Jonathan
>
>
>
>
well, I feel kinda stupid...
I was sure I had already tried it, but now that I checked before
answering you I found it working....
I thank and apologize
massimo
More information about the Zope
mailing list