[Zope] Per-user authorization to folder using SiteAccess rules

Dieter Maurer dieter at handshake.de
Fri May 7 14:29:47 EDT 2004

Andy Altepeter wrote at 2004-5-7 10:59 -0500:
>I have a zope folder that contains multiple documents.  Users order a
>document to be created by our communications office.  That office then
>uploads that word document (not through ZMI).  I want users to have
>access to ONLY those documents they have ordered.  And all this needs to
>be done programmatically and not through ZMI.
> ...
>Is there another way to do this?


Protect your documents by a permission granted only to priviledge roles.
This will prevent normal users to access them directly.

Provide an access service though a PythonScript.
You can use the "sub_traversal" feature of "PythonScripts" to
do this easily. Give this (or these) scripts a proxy role (see
Zope book, for details) such that they have the necessary priviledge
to access the documents.


More information about the Zope mailing list