[Zope] Per-user authorization to folder using SiteAccess rules

Andy Altepeter aaltepet at bethel.edu
Fri May 7 16:56:08 EDT 2004

On Fri, 2004-05-07 at 13:29, Dieter Maurer wrote:
> Andy Altepeter wrote at 2004-5-7 10:59 -0500:
> >I have a zope folder that contains multiple documents.  Users order a
> >document to be created by our communications office.  That office then
> >uploads that word document (not through ZMI).  I want users to have
> >access to ONLY those documents they have ordered.  And all this needs to
> >be done programmatically and not through ZMI.
> > ...
> >Is there another way to do this?
> Yes.
> Protect your documents by a permission granted only to priviledge roles.
> This will prevent normal users to access them directly.

Is changing the 'View' permission on the container to: (Manager,<local
priv role>) sufficient?

> Provide an access service though a PythonScript.
> You can use the "sub_traversal" feature of "PythonScripts" to
> do this easily. Give this (or these) scripts a proxy role (see
> Zope book, for details) such that they have the necessary priviledge
> to access the documents.

Wow.  That is such a slick pattern, and SO easy to setup.  
Many Thanks Dieter!


More information about the Zope mailing list