[Zope] context.user at ImplPython.py
Martijn Pieters
mj at zopatista.com
Fri Mar 23 11:56:29 EDT 2007
Please keep the mailing list in the loop, others may have insights too.
On 23. mar. 2007, at 15.37, Garito wrote:
>> > If you read the link I put, you could read I can create (with
>> > CrearFuncionalidad) but not delete it (with BorrarFuncionalidad)
>> that seems
>> > to have the same security necessities
>>
>> Return a callable from your traverser (so return the __call__, don't
>> call it yourself). The publisher will call it for you after the user
>> has been authenticated.
>
> As Dieter said __bobo_traverse__ can't return strings or ints for
> that I create (as he tall me, thanks again) a wrapper that returns
> the rendered code
Fine, that's what I ment. But your wrapper should implement a
__call__ method. The publisher will call that method at a time where
security *has* been set up.
Do make sure that you wrap your wrapper in the correct security
context though:
class Wrapper(Acquisition.Implicit):
def __call__(self):
# Things that need a security context need to be done here.
return getSecurityManager().getAuthenticatedUser().getId()
class SomeItem(SimpleItem):
def __bobo_traverse__(self, REQUEST, name):
if name == 'Wrapper':
return Wrapper().__of__(self)
else:
return getattr(self, name)
This way the security policies can still look up the security context.
--
Martijn Pieters
More information about the Zope
mailing list