[Zope] Getting user permissions

Andy McKay andym@ActiveState.com
Wed, 16 May 2001 11:53:55 -0700 

Have I found a bug? Lobbing in the collector it goes...

The user account I was checking has the Manager permission. And according to
...AccessControl\PermissionRole.py

def rolesForPermissionOn(perm, object, default=('Manager',)):

Every permission defaults to having the Manager role on it, if not already
sent. Meaning I cant seem to check the Manager role correctly. I changed
this to

def rolesForPermissionOn(perm, object, default=()):

and it works exactly as I would expect, returning 1 for roles I have a right
to and 0 for ones I dont. Im sure there is a reason for this but its weird.

Cheers.
--
  Andy McKay.


----- Original Message -----
From: "Randall F. Kern" <randy@spoke.net>
To: "Andy McKay" <andym@activestate.com>; "Steve Drees"
<drees@the-bridge.net>; <zope@zope.org>
Sent: Wednesday, May 16, 2001 11:39 AM
Subject: RE: [Zope] Getting user permissions


> I do this all over the place in a python product:
>
> user = getSecurityManager().getUser()
> if user.has_permission('Foo', ob)
>
> This is of course the same as your sample (if the user is a normal zope
> user object).  So I would look somewhere else for the problem.
>
> -Randy
>
> > -----Original Message-----
> > From: Andy McKay [mailto:andym@ActiveState.com]
> > Sent: Wednesday, May 16, 2001 11:18 AM
> > To: Steve Drees; zope@zope.org
> > Subject: Re: [Zope] Getting user permissions
> >
> >
> > > SecurityGetUser is the blessed way to get a user object.
> >
> > I thought that was just for DTML? Thats inside
> > /AccessControl/DTML.py...
> > This is a Zope product.
> >
> > Hmm I tried
> >
> >         s = getSecurityManager()
> >         for p in ['Foo',]:
> >             print s.checkPermission(p, parent)
> >
> > and still get 1 for everyting. I would have thought as a
> > default I would get
> > 0 at the least. Oh this is weird.
> >
> > Cheers.
> > --
> >   Andy McKay.
> >
> >
> > ----- Original Message -----
> > From: "Steve Drees" <drees@the-bridge.net>
> > To: "Andy McKay" <andym@activestate.com>; <zope@zope.org>
> > Sent: Wednesday, May 16, 2001 11:06 AM
> > Subject: RE: [Zope] Getting user permissions
> >
> >
> > > >         user = self.REQUEST['AUTHENTICATED_USER']
> > > >         for p in ['Foo',]:
> > > >             print user.has_permission(p, parent)
> > >
> > >
> > > SecurityGetUser is the blessed way to get a user object.
> > > > I get 1 for everything. Is has_permission the correct call?
> > >
> > > That I'm not sure of.
> > >
> >
> >
> > _______________________________________________
> > Zope maillist  -  Zope@zope.org
> > http://lists.zope.org/mailman/listinfo/zope
> > **   No cross posts or HTML encoding!  **
> > (Related lists -
> >  http://lists.zope.org/mailman/listinfo/zope-announce
> >  http://lists.zope.org/mailman/listinfo/zope-dev )
> >
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>