[Zope] getting the roles in DTML
Wed, 19 Jun 2002 06:53:24 -0700
The problem I have is a bigger one actually and I was doing the same
thing and getting the expected answer, However after twiddling around
with a test folder's security options I found I could get through even
though I had the required roles.
The problem being that I have a custom User Folder loosely based on
mysqluserfolder, without the cookies and session stuff, for that I use
Cookie Crumbler and CST. Otherwise the code is pretty much the same with
midifications to suit my purposes.
Now lets say I have a user with role "X". I set up a folder that is
veiwable only be ppl with role X via the security tab. When try to view
it, zope refuses entry to me. When I do a AUTHENTICATED_USER.getRoles or
_.SecurityGetUser().getRoles() I get alist that has Authenticated User
and X in it. I loked up and walked through the validate function in my
UF and printed out roles just before it calls authorize and the list of
roles is the same there too.
My authorize function is the following:
authorize__roles__ = ()
def authorize (Self, user, roles, REQUEST):
v = REQUEST ['PUBLISHED'] # the published object
a, c, n, v = Self._getobcontext(v, REQUEST)
allowed = AccessControl.User.BasicUserFolder.authorize (Self,
user, a, c, n, v, roles)
if not allowed: return None
else: return user
Its essentially the same as in mysqluserfolder.
However this return None. I do have a roles table in my user source (my
sql db) and it has the correct entries, so I am unable to figure out why
Chris Beaven wrote:
> <dtml-var "_.SecurityGetUser().getRoles()">
> For quick questions like this, you could always ask in the IRC channel
> (#zope on irc.openprojects.net) ;)
> -----Original Message-----
> From: Aseem Mohanty [mailto:email@example.com]
> Sent: Thursday, 20 June 2002 1:37 a.m.
> To: firstname.lastname@example.org
> Subject: [Zope] getting the roles in DTML
> Ho can I get the list of roles a user has in DTML??
Aseem Mohanty Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA
94706 (R) 510 7696011 (M) 510 3014871 (O) 510 5279231
saw `cout' being shifted "Hello world" times to the left and stopped
right there!!" -- Steve Gonedes