[Zope] Questions on roles and permissions

Dieter Maurer dieter@handshake.de
Wed, 4 Apr 2001 23:49:12 +0200 (CEST)


Fernstrom, Christer writes:
 > 1) I want the same *authenticated user* to have different permissions at different parts of my server. Are local roles the best way to handle this?
Yes

 > 2) How can I get hold of the local user roles?
 > <dtml-var expr="AUTHENTICATED_USER.getRoles()"> only returns the global role
 > associated with the authenticated user.
The Online Documentation says:
   give the "getRoles" an object as argument, then it should
   return the roles relative to this object.
But, the code says, it will not work.
   --> Collector

You can use "getRolesInContext"; unfortunately, this is undocumented
   --> Collector

 > 3) Is there a way to retreive the permissions that the authenticated user has on a given object?
You can use "has_permission" to test for a sepific permission.
I do not know of a way to get a permission list.

 > 4) I have observed that when a user has been authenticated at a deeper level in the folder hierarchy, then <dtml-var expr="AUTHENTICATED_USER.getUserName()"> on a higher level yields 'Anonymous User'. Bug or normal behaviour?
It should be precisely this way.

Details in

  URL:http://www.dieter.handshake.de/pyprojects/zope/book/chap3.html


Dieter