[Zope] fine grained, dynamic permissions based on attribute values
Mark Gibson
mark at kaivo.com
Tue Oct 18 13:16:39 EDT 2005
On Tue, 2005-10-18 at 11:05, Chris Crownhart wrote:
> Good day,
>
> I am wondering if/how I could control the permissions on an object based
> on the value of an attribute. I am using CMF, and thus portal_catalog,
> and have built a custom content type. My type has a category field. I
> would like to control the view permission of the object dynamically
> based on the value of category.
>
> So, as an example, I have multiple users, and multiple values for the
> category field. I would like User A to access the object if the
> category ='financial', and User B access the object if the
> category='other'.
>
> Thanks for any ideas.
I assume user A and B have different roles? Instead of dynamically controlling the permission, could you set the permission on the object explicitly when the object is edited?
e.g.
def manage_edit(self, ...):
...
if REQUEST.get('category') == 'other':
self.set_permission_so_user_B_can_access()
elif REQUEST.get('category') == 'financial':
self.set_permission_so_user_A_can_access()
More information about the Zope
mailing list