[Grok-dev] Re: How do I check permissions on a view?

Jan-Wijbrand Kolman janwijbrand at gmail.com
Tue Sep 25 09:30:46 EDT 2007

Philipp von Weitershausen wrote:
>> You can explicitly check permissions like this:
>> from zope.security.management import getInteraction
>> interaction = getInteraction()
>> interaction.checkPermission('mypermission', object):
> Or just use
>   zope.security.checkPermission(perm, obj)
> which hides all this interaction business away.
> Either way, I think this is only half the solution to Sebastian's 
> problem. If he wants to separate concerns, then he shouldn't make his 
> code have to know about the required permission. It should just work 
> with whichever permission was set on the view. This is what canAccess does:
>   zope.security.canAccess(view, '__call__')
> It will look up which permission is required for accessing view.__call__ 
> and then check if the user has the permission.

FYI, if you want to do this from (functional) tests for your 
application, you have to initialize such an "interaction" first.

Something like:

   >>> from zope.security import checkPermission
   >>> from zope.security.management import newInteraction
   >>> from zope.security.management import endInteraction
   >>> class Participation(object):
   ...    interaction = None
   >>> participation = Participation()
   >>> participation.principal = some_principal_to_test_with
   >>> newInteraction(participation)
   >>> checkPermission(u'Should.Have.This.Permission', context)
   >>> checkPermission(u'Should.Not.Have.This.Permission', context)
   >>> endInteraction()

But maybe there's better ways of doing this from ftests?

Kind regards,

More information about the Grok-dev mailing list