Fwd: Re: [Zope] Problem using AUTHENTICATED_USER

Jérôme Loisel jerome@levinux.org
Thu, 22 Feb 2001 13:06:56 -0500


(This was my reply. I forgot to add zope@zope.org to cc, so I'm now 
forwarding it. Sorry for the confusion... I'm new to the list.)


Le Mercredi 21 Février 2001 18:58, vous avez écrit :
> On Thursday 22 February 2001 07:44, Jérôme Loisel wrote:
> > I am somewhat unable to check whether or not the user has manager access
> > to some object object. The following does not work as expected:
> >
> > <dtml-if "AUTHENTICATED_USER.has_role('Manager', _.getitem('.news'))">
> >   <P>Blah.</P>
> > </dtml-if>
> >
> > Instead of getting a true result if the user has manager acces to the
> > .news item (a folder), I get a true result if the user has manager access
> > to his context.
>
> Have you checked what parameters AUTHENTICATED_USER.has_role() accepts?
> (try looking in the ZQR).  AFAIK, it only accepts a list of role names, no
> objects, and can only tell you if the user has that role, as specified in
> the acl_users folder.

After more digging around, I finally found it. Read on if interested. (Or
skip to the next section, I had another question.)

My problem was this: I have a .news folder. I selectively grant manager
access to that folder for some users. When such a user browses the site, any
part of the site, he should see an "Add a news item" button appear. So I
needed to check whether or not the user has manager acces _to the .news
folder_.

<quote src="zqr">
has_role(roles, [object])
    Check to see if a has a given role or roles.
</quote>

I can see that calling has_role(roles) works as expected. Sadly, calling
has_role(roles, object) does not seem to yield a different behavior. And that
behavior is what I was looking for. However...

<quote src="zope_help_system">
hasRole(object, roles):
       Return a value that is true if the user has the given roles on the
       given object and return false otherwise.

       Permission - Always available
</quote>

At first I did not even notice that this is a different function altogether.
Silly me. Calling the following works.

<dtml-with .news>
  <dtml-if "AUTHENTICATED_USER.hasRole('Manager')">
    Blah.
  </dtml-if>
</dtml-with

So you did in fact point me in the right direction... You told me to go
re-read the docs. :-)

> [...]
>
> > Related question: How do I access AUTHENTICATED_USER from Python?
>
> self.AUTHENTICATED_USER works for me.

Hmmm. I was not clear enough. I meant from PythonScript objects.
context.AUTHENTICATED_USER does not work for me. I get no better results with
container (obviously) or namespace (bound properly, of course).

Thank you very much for your help.

Cheers,

Jérôme Loisel


--
Jérôme Loisel
Lévinux: GNU/Linux dans les communautés à Lévis

-------------------------------------------------------

-- 
Jérôme Loisel
Lévinux: GNU/Linux dans les communautés à Lévis