[Zope] Re: REQUEST.SESSION
J Cameron Cooper
jccooper@jcameroncooper.com
Tue, 11 Mar 2003 13:16:37 -0600
>
>
>> You should remove the 'View'-Right for Anonymous and only admit it to
>> a special role. This can be done easily with a script...
>
> I'm using postgresql to store my users data (not acl_users folders)
> can I define roles to users registered this way and logged through
> REQUEST.SESSION?
If that relational store of users is represented as a Zope user folder.
(This can be done quite easily via External User Folder or maybe Simple
User Folder.) If you're planning on managing security yourself, don't.
You may have to do that in other app servers, but not in Zope.
Re-implementing security is a bad thing.
>>> I'd like to use Session (REQUEST.SESSION) data as a parameter to
>>> another method (a Zsql Method for example). How can I do that in
>>> dtml? <dtml-with SESSION mapping> doesn't work. I guess I should use
>>> getSessionDataByKey, but I didn't figure out exactaly how.
>>
>> <dtml-call "REQUEST.SESSION.set('test','hello world')">
>> <dtml-var "SESSION.get('test')">
>
> Yes, that prints "hello world", but how do I send "hello world"
> (assign it to a variable) to a ZSQL Method as a parameter?
SESSION is just an object. Pass it like any other parameter.
With a number: <dtml-call "someZSQLMethod(someParameter=9)">
With an object: <dtml-call
"someZSQLMethod(sessionParameter=REQUEST.SESSION)">
I might say that you could be better off breaking out what you need from
SESSION before passing it in.
<dtml-call "someZSQLMethod(parameterA=REQUEST.SESSION.get('A'),
parameterB=REQUEST.SESSION.get('B'))">
--jcc