[Zope] The Login Blues
Dieter Maurer
dieter at handshake.de
Thu Aug 11 14:33:56 EDT 2005
Kevin Jones wrote at 2005-8-11 08:38 -0600:
>...
>My company site allows anonymous visitors to enter a user login
>id and password, with the Role 'CoPersonnel'. It then allows
>them to create a project page and their project info...
>
>All is well and good until later, when they log in to edit their
>page. It works, BUT it gives them permission to edit anyone
>else's page that has the Role 'CoPersonnel'! It also seems that
>while the first login is successful, they retain an 'Anonymous
>User' role.
>
>These two reside in a "Projects" folder: login_html, acl_users.
>The individual projects are located in a "Projects" subfolder:
>"projects_current."
>
>Do the acl_users and login_html file have to reside in the
>individual project folder? (BTW, I got the code from "The Book
>of Zope.")
There are global and local roles.
A global role is assigned to a user globally.
It applies to the complete subhierarchy governed by the
user folder which defined the user.
The subhierarchy governed by a user folder is the one
whose root contains the user folder.
If this does not give you what you need, you have two
options:
* move the "acl_users" down (such that it governs a smaller
subhierarchy)
* use "local" roles instead of global ones.
--
Dieter
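
Added example, not part of the original message and not Zope's own code: a small Python model of the role resolution described in the reply, showing why a global 'CoPersonnel' role lets one user edit another user's page and how each of the two options prevents it. The user ids alice and bob, the use of 'Owner' as the local role, and all class and function names are assumptions of this sketch.

```python
# Simplified model of Zope-style role resolution; not Zope's own code.
class Node:
    def __init__(self, name, parent=None):
        self.name, self.parent = name, parent
        self.users = {}        # this folder's acl_users: user id -> global roles
        self.local_roles = {}  # user id -> roles granted at this object

    def ancestors(self):
        node = self
        while node is not None:   # this object, then each container up to the root
            yield node
            node = node.parent


def roles_in_context(user_id, home, obj):
    """Roles that user_id (defined in home's acl_users) holds on obj."""
    chain = list(obj.ancestors())
    if home not in chain:
        return {"Anonymous"}           # obj lies outside the governed subhierarchy
    roles = set(home.users[user_id])   # global roles apply everywhere below home
    for node in chain:                 # local roles apply at and below their object
        roles |= set(node.local_roles.get(user_id, ()))
    return roles


def can_edit(user_id, home, obj, edit_roles):
    return bool(roles_in_context(user_id, home, obj) & set(edit_roles))


def demo():
    # Constructed hierarchy using the folder names from the post.
    projects = Node("Projects")
    current = Node("projects_current", projects)
    pages = {u: Node(u + "_page", current) for u in ("alice", "bob")}
    # As posted: one acl_users in "Projects", edit granted to a global role.
    projects.users = {"alice": ["CoPersonnel"], "bob": ["CoPersonnel"]}
    before = can_edit("alice", projects, pages["bob"], ["CoPersonnel"])
    # Option 2: edit requires a local role granted only on the user's own page.
    for user, page in pages.items():
        page.local_roles[user] = ["Owner"]
    own = can_edit("alice", projects, pages["alice"], ["Owner"])
    other = can_edit("alice", projects, pages["bob"], ["Owner"])
    # Option 1: define the user in an acl_users inside her own page folder.
    pages["alice"].users = {"alice": ["CoPersonnel"]}
    moved = can_edit("alice", pages["alice"], pages["bob"], ["CoPersonnel"])
    return before, own, other, moved
```

demo() returns the four checks in order: alice editing bob's page as posted, alice editing her own page with local roles, alice editing bob's page with local roles, and alice editing bob's page after her user definition is moved down.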