[Zope-CMF] CMF security policy

Dieter Maurer dieter@handshake.de
Fri, 25 Jul 2003 01:57:29 +0200


David Hart wrote at 2003-7-24 14:32 +1000:
 > ...
 > I have a CMF site where a particular entire folder and all its contents 
 > should be accessible only to a certain role (just 'Authenticated' in the 
 > simple case). I would like all contained objects to inherit their 
 > permission from the parent folder.
 > 
 > When new CMF content is added, the Anonymous role is specifically set on 
 > the Access contents information and View permissions. I'm looking in the 
 > source, but can't yet track it down. Is this happening in the factories? 
 > Is there a way I can change is default behaviour?

This is done by the workflow.

A CMF workflow can change the permission to role mapping
based on workflow state.

I assume, you are using DCWorkflow.
In this case, look at the "Permissions" tab of the workflow
definition and its various states.


Dieter