[Zope] Re: access rule and authentication

Tres Seaver tseaver at palladion.com
Mon Oct 17 15:18:50 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Krzysztof Kubacki wrote:
> Hi,
> 
> Python Script which is set as "Access Rule" for some Folder is
> execute before authentication is done.
> This way the following code won't work>
> if context.portal_membership.getAuthenticatedUser().getId() == "admin": 
>       return "dog" 
> return "cat" 
> 
> I will always get "cat". So does somebody know how to resolve it?

AcceseRules run during path traversal, before any authentication is done
(Zope2 does "inside out" authentication starting at the "published"
objectd).  You might be able to force user validation to be attempted
earlier, e.g. by calling 'validate' directly on the user folder.


Tres.
- --
===================================================================
Tres Seaver          +1 202-558-7113          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDU/ka+gerLs4ltQ4RAtJtAKDYknRJMxX3kShfmQuEvs+UX0uYgwCeM2WR
ygDsqyOWKuoWWiJgUVWlvSo=
=3Pn+
-----END PGP SIGNATURE-----



More information about the Zope mailing list