[Zope-dev] Trying to set roles/permissions programmatically - Now I have a headache!

Danny William Adair Danny@Adair.net
Sat, 28 Apr 2001 00:15:26 +1200 

Hello!

I want to set the roles of a permission and turn acquisition of a permission
(mapping) on and off programmatically. And of course I want to get a
permission by its name. This looks definitely more complex than simply
changing an object's property!

I took a look at the management screens(Role.py ->
manage_changePermissions). The aX and pYrZ mapping for the *checkboxes*
(=sole purpose) gave me a lot of confusion, I first thought this was Zope
internal naming :-). Then I took a look at Permission.py (setRoles). But I
haven't dealt with this before, and it all looks a little weird. I managed
to write a couple of functions that give me roles to permissions and
permissions to roles or check if a permission setting has been acquired and
so on, but I'm stuck with *setting* permissions with a function of my own.

a) Could this be correct?

# roles as list: acquisition will be turned on
roles=['Anonymous','Manager']

# roles as tuple: acquisition will be turned off
roles=tuple(roles)

# set as specified
some_permission.setRoles(roles)


b) How can I get a hold of some_permission when I know its name? This does
not work:

def setRolesForPermission(ob, permission, roles, setacquired):
  permission_trans = '_' + replace(permission, ' ', '_') + '_Permission'
  p = getattr(ob, permission_trans) # this does *not* give me the permission
itself!
  if not setacquired:
    roles=tuple(roles)
  p.setRoles(roles)

It must have something to do with acquisition :-)
If it is turned on for that permission, getattr() won't find the attribute.
If it's turned off, it returns a tuple. Where's the permission instance
itself?

I see that ac_inherited_permissions(1) gives me a list of permission names,
but I don't know how to access a specific permission directly.

This *did* work:

def permissionAcquired(ob, permission):
# Tell me if acquisition has been turned on
# (There's also some other way, checking if the returned is of type List or
Tuple, I think I saw that somewhere in Role.py)

  permission_trans = '_' + replace(permission, ' ', '_') + '_Permission'
  return (not hasattr(ob.aq_base, permission_trans))


Help!
Thank you so much in advance,

Danny