[Zope-dev] permission management behaviour

bTurtle ZOpe zope at bturtle.ch
Tue Nov 30 10:37:50 EST 2004

in a product I am working on, I have to set the permissions. I tried this,
using the following code snippet:

roles = object.valid_roles()


for role in roles:
  object.manage_role(role, permissions[role])

permissions is a dictionary of roles with lists of permission names (e.g.
{'Authenticated': [], 'Acquire': ['Access Transient Objects', 'Access
arbitrary user session data', ...}).

The thing I don't understand concerns the 'Manager' role. I observed the
following things:

 - if I ommit the call to manage_acquiredPermissions, the permissions for
'Manager' are not set

 - 'Manager' inherits all permissions of Roles that are set AFTER the
'Manager' role is set (with manage_role). e.g. 'Owner' has the 'Add
Database Methods' permission set. When the 'Owner' role is managed, the
'Add Database Methods' is also added to the 'Manager' role. ('Owner' comes
after 'Manager' in the roles list).

Can someone explain why this is so? or what I am doing wrong.

my setup is:
Zope Version (unreleased version, python 2.3.3, linux2)
Python Version 2.3.3 (#1, Apr 6 2004, 01:47:39) [GCC 3.3.3 (SuSE Linux)] 



More information about the Zope-Dev mailing list