control over deleting objects (was Re: [Zope-CMF] fine grained
permissions for adding objects)
Dieter Maurer
dieter@handshake.de
Sun, 30 Jun 2002 23:57:34 +0200
David (Hamish) Harvey writes:
> On a related subject, is it possible to block a member from deleting a
> specific object while not stopping them from deleting other objects in that
> folder? For example, could I allow a user to edit but not delete their
> index_html in their memberarea? Or all documents but nothing else?
Zope has a means to prevent deletion of specific objects.
It was used e.g. for the protection of "standard_html_*" methods
in the Zope root folder. However, I do not know the details.
Controlled type specific deletion is not easy. Objects are deleted
by a generic (i.e. not type specific) folder method.
The standard Zope security can protect this method but only
with a single (type independent) permission.
You would need to extend this method to look at the object
to be deleted and check additional permissions depending on
the object type. Alternatively, you might check in
"manage_beforeDelete" and raise an exception, when the object
does not want to be deleted by the current user.
Dieter