Hi,<br>I have a similar difficulty.<br><br>In site.zcml, the role 'zope.Member' is defined and a permission is granted:<br> <role id="zope.Member" title="Site Member" /><br> <grant permission="zope.View"<br>
role="zope.Member" /><br><br>How can I assign a role to a principal who is created on the fly:<br>a_principal = zope.app.authentication.principalfolder.InternalPrincipal(login=tab[0].encode('utf-8'), password=tab[1].encode('utf-8'), title=a_title.encode('utf-8'), passwordManagerName='SHA1')<br>
a_auth_plugin = getUtility(zope.app.authentication.interfaces.IAuthenticatorPlugin, 'myAuthenticatorPlugin')<br>role_map = IPrincipalRoleManager(a_auth_plugin) role_map.assignRoleToPrincipal('zope.Member', a_principal.login)<br>
a_auth_plugin[a_principal.title] = a_principal<br><br>I verify that the role is assigned:<br> interaction = zope.securitypolicy.zopepolicy.ZopeSecurityPolicy()<br> print interaction.checkPermission(a_principal, a_auth_plugin)<br>
>>> True<br><br>But when I want to access the page defined below, it returns 'Unauthorized':<br><page<br> name="login.html"<br> for="zope.app.folder.interfaces.IFolder"<br>
permission="zope.View"<br> layer="cdcadama.layer.ICdcadamaBrowserLayer"<br> class=".login.LoginAddForm"<br>/><br><br>Thanks for your help<br>Simon<br><br><br><div class="gmail_quote">
On Tue, May 12, 2009 at 12:34 PM, Massimiliano della Rovere <span dir="ltr"><<a href="mailto:massimiliano.dellarovere@gmail.com">massimiliano.dellarovere@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I had a similar problem.<br>
My mistake was that I forgot the application prefix in the<br>
<a href="http://event.principal.id" target="_blank">event.principal.id</a>. (so instead of user app.XYZ I used only XYZ, which<br>
was not found in the PrincipalFolder).<br>
<div><div></div><div class="h5"><br>
<br>
On Tue, May 12, 2009 at 12:18, Thierry Florac <<a href="mailto:thierry.florac@onf.fr">thierry.florac@onf.fr</a>> wrote:<br>
> Le mardi 12 mai 2009,<br>
> paftek <<a href="mailto:paftek@gmail.com">paftek@gmail.com</a>> a écrit :<br>
> ======================================================================<br>
>> I created a Role and a Permission affected to it :<br>
>> <role id="app.User" title="Utilisateur" /><br>
>> <permission id="app.Auth" title="Utilisateur authentifié" /><br>
>> <grant permission="app.Auth" role="app.User" /><br>
>><br>
>> My users are store in a PostgreSQL database, not in the ZODB.<br>
>> I use the Zope authentication system to return a PrincipalInfo when an<br>
>> user log in.<br>
>><br>
>> I do not know how to assign my "app.User" Role to the Principal who<br>
>> log in. I tried the following, without success :<br>
>><br>
>> @adapter(IAuthenticatedPrincipalCreated)<br>
>> def setPermission(event):<br>
>> role_map = IPrincipalRoleManager(getSiteManager())<br>
>> role_map.assignRoleToPrincipal('app.User', <a href="http://event.principal.id" target="_blank">event.principal.id</a>)<br>
> ======================================================================<br>
><br>
> Hi,<br>
><br>
> What do you mean when you say "without success" ?<br>
> What do you get when you look at the "@@grant.html" view over your<br>
> context ??<br>
><br>
> Thierry<br>
> --<br>
> Chef de projets intranet/internet<br>
> Office National des Forêts - Département Informatique<br>
> 2, Avenue de Saint-Mandé<br>
> 75570 Paris Cedex 12<br>
> Tél. : 01 40 19 59 64<br>
> Fax. : 01 40 19 58 85<br>
> Mél. : <a href="mailto:thierry.florac@onf.fr">thierry.florac@onf.fr</a><br>
> Web. : <a href="http://www.onf.fr" target="_blank">http://www.onf.fr</a><br>
><br>
> _______________________________________________<br>
> Zope3-users mailing list<br>
> <a href="mailto:Zope3-users@zope.org">Zope3-users@zope.org</a><br>
> <a href="http://mail.zope.org/mailman/listinfo/zope3-users" target="_blank">http://mail.zope.org/mailman/listinfo/zope3-users</a><br>
><br>
_______________________________________________<br>
Zope3-users mailing list<br>
<a href="mailto:Zope3-users@zope.org">Zope3-users@zope.org</a><br>
<a href="http://mail.zope.org/mailman/listinfo/zope3-users" target="_blank">http://mail.zope.org/mailman/listinfo/zope3-users</a><br>
</div></div></blockquote></div><br>