[Zope] permissions (+ acquisition)
Cliff Ford
Cliff.Ford at ed.ac.uk
Tue Oct 12 15:45:14 EDT 2004
One way to do this is to give 'user' the Manager local role in
/test/user and then arrange for anyone other than a/the Manager not to
see any edit link, and, if they type edit in the url line
(/test/user/edit) get the edit template to display a polite 'Edit
denied' message. So the only difference from what you have done is to
give the user the Manager role and not worry about ownership.
Cliff
massimop at users.berlios.de wrote:
> hi,
>
> I probably shouldn't start coding without a good knowledge of my tools,
> but this is the way I usually learn...
>
> I'm developing a small CMS-like (I know, there's CMF, Plone etc, but I'm
> playing...:))
>
> the point is that I have site, say http://localhost:8080/test, with a
> subfolder for each registered user, an 2 page templates, view and edit
>
> this methods are in /test and are meant to work via acquisition so with
> http://localhost:8080/test/user/view
> any user (even anonymous) should view user data and with
> http://localhost:8080/test/user/edit
> only 'user' should edit the same data
>
> I can't figure out how to set permissions...
>
> as a workaround I modified edit to check user roles via
> getRolesInContext and assigned to each user the Owner role in his
> folder, leaving Ownership to admin (hope this is legitimate)
>
> I would prefer though a solution based only on Zope automatic
> roles/permissions management, without any test
>
> I hope it's clear
> thanks for any hint
> massimo
>
>
>
>
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
More information about the Zope
mailing list