[Zope-dev] several permissions for the same method

Jephte CLAIN Jephte.Clain@univ-reunion.fr
Thu, 20 Jul 2000 09:43:06 +0400


Dieter Maurer wrote:
> Jephte CLAIN writes:
>  > I have the scenario where a user can edit *its* data but not other
>  > users's data, unless he has a special role. however, the method used to
>  > edit one's data is the same.
> Can you not use the "Owner" role for this?
I suppose not, because data is taken from a SQL database, so everyone
could potentially trash others' data

Oleg advised to make edit_data unpublishable and to write wrappers
around it. However, I have thought of another way to do it. Whether it
is better or not, I like it because I do not have to rewrite edit_data
that much.

__ac_permissions__ = (
('Use edit_data', ('edit_data', )),
('Edit one\'s data', ('check_perm_1', )),
('Edit others\' data', ('check_perm_2', )),
)

check_perm1 and check_perm_2 are do-nothing methods that are protected
by the permissions. In edit_data, I call them as appropriate to check
for the user's permissions.

any comments?

regards,
jephte.clain@univ-reunion.fr