[Zope] Customizing or Hooking Access Control

Dieter Maurer dieter@handshake.de
Mon, 23 Jun 2003 00:00:46 +0200

rossp@ppc.ucsc.edu wrote at 2003-6-20 17:01 -0700:
 > I have a bunch of classes and objects that have a boolean 'active'
 > attribute that gets set on and off variously throughout my code.  I
 > also have a 'View Inactive' permission that I use in some of my own
 > object listing methods.
 > But what I really want is to be able to control the AccessControl
 > validation.  I would like to be able to say that if an object is
 > active (its 'active' attribute is on) that someone who has the 'View'
 > permission can visit it.  If the object is inactive, however, I would
 > like to be able to say that someone who doesn't have the 'View
 > Inactive' permission can't visit it.
 > It would seem that this could be fairly easily accomplished with
 > something like manage_beforeDelete, manage_beforeValidate for example,
 > where I can reject the validation before the rest of the checks are
 > made.  Niether the docs, nor googling, nor reading the source, nor
 > pestering #zope has yielded anything so far so here I am pestering the
 > list.
 > Any ideas?  Thanks.

The architecture provides a hook for this.
Zope fill the hook with "ZopeSecurityPolicy".

Look at the source to determine how you can provide your
own hook.