[Zope] Fw: [Zope-dev] Logging in as admin and impersonating another user - is it possible with Zopes sec policy?

[Dario Lopez-Kästen]

Hello!

[sent this to the zope-dev list but it was pointed out that perhpas this was
a better list, even it imho is a development question]

I am wondering if it is possible to write a userfolder that does the
following (I need to implement a userfolder with these properties):

For certain categories of users, for instance Teachers, while keeping their
current authorisation of Teachers, I need to let them "impersonate" a user
with lower authorisation than they currently have, say Students.

So a logged in Teacher could for instance examine what a particular student
sees in a Student portal (i.e. "previewing" it as would that particular
student)

Is this possible with Zopes current securtiy mechanisms? For now I can do it
by providing a security mechanism that runs in parallel to zope's own, but
it is a bit cumbersome to develop for - also I miss some of the features
that zope provides for automagically protecting obejcts, etc. Proxy roels
will not work for what I have in mind (at leats I think they won't).

Any info or pointers are appreciated.

Sincerely,

/dario

- --------------------------------------------------------------------
Dario Lopez-Kästen, dario@ita.chalmers.se        IT Systems & Services
System Developer/System Administrator     Chalmers University of Tech.