[Grok-dev] Re: grok and complicated permissions

Kevin Teague kteague at bcgsc.ca
Wed Sep 26 16:22:25 EDT 2007

I had a very similar use case when developing my first real Grok app. My 
solution was to define a custom Traverser that granted Roles upon 
Traversal. I am pretty sure this a nasty abuse of Traversers, since the 
solution involves mixing in two concerns together (security and 
traversal) - but it did solve my immediate problem :P

I have something like this:

from zope.app.securitypolicy.interfaces import IPrincipalPermissionManager

class MyCustomTraverser(grok.Traverser):

     def traverse(self, name):
        principal_id = self.request.principal.id
        ppm = IPrincipalPermissionManager(grok.getSite())
        if mySecurityLogicHere():
            ppm.grantPermissionToPrincipal(u'myPermission', principal_id)
            # do your regular Traversal here ...

More information about the Grok-dev mailing list