<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
gf wrote:
<blockquote
cite="midace26be40602241139r69d5d77co2b6c67cbc9cf8ac4@mail.gmail.com"
type="cite">
<pre wrap="">On 2/24/06, David <a class="moz-txt-link-rfc2396E" href="mailto:bluepaul@earthlink.net"><bluepaul@earthlink.net></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">gf wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi,
I am relatively new to Zope and have a question regarding acl_user folders.
I am trying to prevent 'view' access to an acl_users folder that I
have created in a non-root area of my website.
I have used the management interface Security tab to uncheck the
'Acquire permission settings' for the 'View' Permission and have
enabled View for the Manager role only.
I have taken the same actions for my root acl_users folder as well.
When I browse to <a class="moz-txt-link-freetext" href="http://mysite/myfolder/acl_users">http://mysite/myfolder/acl_users</a>, I am presented with
a view of the index_html file contained within myfolder, with the
<dtml-var title_or_id> 'output' indicating that it is 'User Folder'.
Why is acl_users making use of the container's index_html? Is there a
way to limit even View access to this folder?
Thanks.
-g
</pre>
</blockquote>
<pre wrap="">gf,
Thats normal zope acquisition. When you access a folder with no
viewable object it goes *up* in search of something to acquire and
index_html is implied. Authorization occurs when something is about to
be published or accessed - not just typed in a URL.
David
</pre>
</blockquote>
<pre wrap=""><!---->
Hi David,
I appreciate the clear explanation. That certainly makes sense.
Does that mean, then, that it is not really possible to limit view
access like I want without some 'extraordinary' measures? Is it
possible to have this particular folder type acquire some other object
instead of index_html? I suppose if I could redirect to another folder
that would be sufficient.
Thanks.
-g
</pre>
</blockquote>
gf,<br>
<br>
So far you haven't described how they "view" acl_users. Which is what
I thought was your concern.. They are viewing the first
(authenticated) viewable object which is one level above.<br>
<br>
Maybe you can better define your security concerns. What don't you
want users to see?<br>
<br>
David<br>
<br>
</body>
</html>