[Zope-PTK] Roles, Groups, Security and Group Membership

[Dan L. Pierson]

Monty Taylor writes:
 > > It seems to me that group membership is an attribute of a
 > > Member, like home folder.  The publishing logic could then look at
 > > this attribute (these attributes? It may not be that simple.) to
 > > determine whether to automatically publish something or hold for
 > > review.  I.E. the problem may not be the Zope security system, it may
 > > be the PTK using Zope security instead of a private mechanism.
 > 
 > I get what you're saying... but here's the thing I can't figure
 > out. Say I create either a role "Marketing" or assign a user to a
 > local role of "Manager" in the Marketing folder. Now granted, I'm
 > probably abusing the DemoPortal for more than I should, but how
 > could I give the user access to a 'Set Status' like method that is
 > called in the context of that folder? Maybe I'm just streching for
 > too much from too little effort.  No, I guess what I'm asking about
 > is streching the design too much. I think what I really want is for
 > the status of a Portal Object ('Private', 'Pending', 'Published')
 > to actually be affected by context. So that any given Object could
 > be Published in "Marketing" but "Private" in the root folder. I
 > don't think Zcatalog is really going to like that.

It looks like what you need to do is modify the method 'before_review' 
in your Portal base class.  Look in PTKDemo/Portal.py for a sample and 
PTKBase/PortalObject.py for comments describing what this is supposed
to be for.  Looks to me like it was designed for this.

Now we come to the question of whether you should have to modify
Python code to do this...