[Zope-PAS] struggling with Local Role plugin
Stan McFarland
sfmcfar at gmail.com
Wed Apr 11 11:11:51 EDT 2007
Hi,
I have what I think is a fairly simple use case for my Plone site. I want to
be able to add a local role dynamically based on two factors - the content of
the object, and a given external condition. So I've written a local role
plugin, where getRolesInContext() checks these two factors and returns either
an empty list or a list containing one item - the new role. This seems to work
well. It's the checkLocalRolesAllowed() method I'm having problem with. My
logic looks like:
if object has specific content:
if external condition is true:
return 1
else:
return None
return None
>From looking at the PlonePAS code, it appears that the PloneUser class iterates
through all of the LocalRole plugins, and continues until one of the plugins
returns something other than None. But what happens is that the user is still
denied access to the object. If I change the last return to "1", the user can
access the object, but naturally gets access to everything else as well.
Am I missing some basic logic here?
Thanks,
Stan McFarland
More information about the Zope-PAS
mailing list