[Zope] 'Delete objects' permission

Tim Terlegård timte878 at student.liu.se
Fri Sep 19 16:58:37 EDT 2003


> However, for "Owner" is would be unintuitive that the owner
> of a folder has "Owner" permissions on all contained objects...

Yes, unintuitive and it makes it hard to only allow creaters to delete
their own objects. I thought this community policy was common...


> > Is there any website explaining this thorougly?
> 
> Did you read the local roles chapter of the Zope Book?

I can't find any chapter named 'local roles'. I read  "Users and Security" though.

I grasp local roles now and with a little help by Chris on IRC I
understand 'Delete objects' permission on folders.

My conclusion is that there's no way to have a "members can create
objects on the entire site, but only delete their own ones"-policy without scripting.
I figure there are two ways:
* Create a script that adds 'Delete objects' permission to the
  object's container in manage_beforeDelete or similar. You also
  have to add a script that removes 'Delete objects' after the deletion have
  been made.
* The same solution, but using workflow instead. Maybe workflows use
  manage_beforeDelete for the work behind the scenes?

Maybe there are better ways? These are not easy solutions for a newbie like me  :)

Tim




More information about the Zope mailing list