[Zope-PTK] I could be wrong but my toolbox ain't workin right...

H.A. greyfolk@usa.net
Tue, 11 Apr 2000 20:58:32 -0700

On Tue, Apr 11, 2000 at 03:44:44PM -0700, Chip Vanek wrote:
> The (old) Product API tutorial describes permissions as:
>   A tuple of tuples, and the inner tuples contain a string, a
>   tuple of methods, and optional third tuple of strings.
>   i.e. ((permissionName),(methodsToActOn),(OptionalRoles))
>             or more correctly:
> __ac_permissions__ = (
>             ('Permission name',(method,method,method),
>                ('Role Name','Role Name')),
>             ('Permission name',(method,method,method)),
>                      )

Hi, there's a better description of roles/permissions in the AccessControl
dir in file AccessControl.txt.

> Are each of the __ac_permission__ declarations an overwite of
> previous declarations?  

The code in Roles.py and PermissionMapping.py seem to collect all the parent's
__ac_permissions__. New permission definition should replace the ones defined
in the parents, the ones that aren't redefined get included. I believe 
there's certain convention of using empty tuple, etc. to disable acquisition
(I'm not clear about this), but for the moment I take the easy way
out of using ZClasses, PythonMethods, DTMLMethods etc to build products and 
use the web interface to do permission/role mappings. The permission tab in 
the ZClass actually shows all inherited permissions.