[Zope3-Users] Re: how to know if a principal has the right permissions

Philipp von Weitershausen philipp at weitershausen.de
Sun Aug 27 17:53:17 EDT 2006


Lorenzo Gil Sanchez wrote:
> Hello,
> 
> I have a INewsItem content type that anonynmous users can see but only
> editors can create/edit/remove. I have a view which list all my news
> items. I want to show links from this view to the add, edit and remove
> views for every news item but only if the principal is an editor.
> 
> So, from my ListNewsView class I want to make a method called 'canEdit'
> and in the ZPT for that view I can write something like:
> 
>  <a  href="./edit.html" tal:condition="view/canEdit">Change news ...</a>
> 
> The question is: how do I know if the current principal has permission
> for a specific view? Something like:
> 
> def canEdit(self):
>    ppal = self.request.principal
>    return canView('edit', INewsItem, ppal)

zope.security.canAccess
zope.security.canWrite

Philipp



More information about the Zope3-users mailing list