[Zope-dev] Enhanced permissions for DTMLMethod and DTMLDocument?
R. David Murray
bitz@bitdance.com
Tue, 29 Aug 2000 20:14:10 -0400 (EDT)
On Tue, 29 Aug 2000, Christopher J. Kucera wrote:
> I've got a question about permissions of DTMLMethods and DTMLDocuments. It
> seems to me that if you've given a role the "View management screens"
> permission, any user with that role should be able to view the source code
> for Methods and Documents. Is there any concurrence here?
No. <grin>
> I can understand if you don't want that kind of feature bundled in with
> "View management screens," but if that's the case then I think there should
> be a different role that grants these permissions.
My understanding (which may be wrong!) is that 'View management screens'
gives one permission (by convention?) to use 'manage_' methods. *Which*
manage methods you can use (or even see on the management tabs) is
controlled by other permissions. So if such an auxiliarry permission
for viewing the contents doesn't exist, it probably would be
useful to create it. But I don't think view management screens
should automatically give you access to the source code.
--RDM