[Zope] Permissions / roles question

Jean Jordaan Jean@mosaicsoftware.com
Tue, 22 Aug 2000 11:11:29 +0200


Hi all

If "I'm jean with role(s) manage.", then why does this code in 
'standard_wiki_footer' not offer to log me out?::

    <dtml-if "AUTHENTICATED_USER.has_permission('Change ZWiki Pages',
this())">
      <a href="<dtml-var id url_quote>/editform?cols=70&rows=20">Edit this
page</a> <br>
      <dtml-comment> ## njj: change (changes to login code for GUF) ##
</dtml-comment>
      <dtml-if "AUTHENTICATED_USER.has_role('Anonymous', this())">
        <a href="acl_users/login?moveto=<dtml-var PATH_INFO>">Login</a> 
      <dtml-else>
        <a href="acl_users/logout?moveto=<dtml-var PATH_INFO>">Logout</a> 
      </dtml-if>
    <dtml-else>
      <a href="acl_users/login?moveto=<dtml-var PATH_INFO>">Login</a> to
edit<br>
    </dtml-if>

I mean, the Manager role *does* have the 'Change ZWiki Pages'
permission, and does *not* have the 'Anonymous' roles. 

What kind of a role is 'manage' anyway?? Roles in my Zope
are: 'Anonymous Manager Owner ZWikiApprover ZWikiManager' and 
'ZWikiUser', so where does 'manage' come from? It gets printed
by the following from 'DTML Method at /debugging_info', which
is referenced from 'standard_html_footer'::

  <dtml-if "AUTHENTICATED_USER.getRoles()">
    with role(s) <tt>
      <dtml-in "AUTHENTICATED_USER.getRoles()">
        <dtml-var sequence-item>
        <dtml-unless sequence-end> , </dtml-unless>
      </dtml-in>
    .
  </dtml-if>

To try and answer my own question: '/wiki' access is governed by 
'/wiki/acl_users', (Generic User Folder), where 'jean' does *not* 
feature. Hmm, so 'DTML Method at /debugging_info' doesn't show 
the roles of 'jean' in the context of 'this()'? But surely this 
doesn't change the fact that 'jean' *does* have the 'Change ZWiki 
Pages' permission, and does *not* have the 'Anonymous' role. 

Enlightenment needed!

Regards,
-- 
Jean Jordaan       --    technical writer    --
Mosaic Software    --    Zope 2.1.6 on WinNT and W2K