[Zope] owner security assertions
Florent Guillaume
fg@nuxeo.com
Wed, 15 May 2002 22:03:53 +0000 (UTC)
<kosh@aesaeion.com> wrote:
> What would be the correct set of permissions and security assertions I
> need in order to make it so that in addition to manager only the owner of
> that object can edit it. It seems if I just gives the permissions I want
> to the owner role that doesn't work.
It should work. Owner is a local role given by ObjectManager to the user
at object creation time. Check that in the Security/Local Roles tab.
How do you create you objects ?
> If I assign someone to the role of owner they can do stuff in all of
> the documents which is not what I want.
Indeed. Nobody should have a global Owner role.
> I had thought that owner was a role you got automatically on an object if
> you where its owner.
You get it when you create the object, so in effect what you say is true
event if the mechanism is different. For instance if someone "takes
ownership" of an object it doesn't change the Owner local role.
Florent
--
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87 http://nuxeo.com mailto:fg@nuxeo.com