[Zope] Setting default permissions from Python code

Janne Pietarila jpietari@uiah.fi
Wed, 10 Oct 2001 11:10:40 +0300 (EET DST)

We are currently developing a learning environment by making
our own Zope product. The product has several courses and different
users have different Zope roles on each course (tutor, student, expert).
That is, a user X may have a role 'student' on course C1, but only
role 'tutor' on course C2.

We implemented security as described in Zope Developer's Guide
(http://www.zope.org/Documentation/ZDG/Security.dtml), however,
when we use setPermissionDefault() for class ClassSecurityInfo,
there are no any visible changes in manage_access interface.

It looks like default permissions set in Python code don't affect Zope at

We checked how permissions are handled in the CMF (Content Management
Framework) product. Here is a code snippet from setupPermissions():

<-- cut <---

    def setupPermissions(self, p):
        # Set up some suggested role to permission mappings.

        mp = p.manage_permission
        mp('Set own password',        ['Member','Manager',],    1)
        mp('Set own properties',      ['Member','Manager',],    1)
        mp('Add portal content',      ['Owner','Member','Manager',], 1)


---> cut --->

So we added some manage_permission() calls to our own code after which
everything worked just like we want.

Is this currently the only way to manage default permissions? From
(http://www.zope.org/Documentation/ZDG/Security.dtml you get an
impression that you should only use setPermissionDefault().

Ilkka Kekkonen

Janne Pietarila