[Zope] User Authentication Question

James W. Howe jwh@allencreek.com
Fri, 18 Feb 2000 16:47:23 -0500


At 02:09 PM 2/18/00 -0700, Bill Anderson wrote:
>James W. Howe wrote:
>
><concern about visibility of objects for which the current user has no 
>authority>
>
>If I understand you correctly, you should just need to create zclasses
>for the objects (or do it in Python, if you prefer) 'issues',
>'classifieds', etc., and assign different permissions. For example, the
>ClassifiedAd Objects would look for a role of "ClassifiedManager" or
>something like that, and only the person managing the ads has that role,
>so they can modify.
>
>Then you just test for the role when displaying the content. If the
>person has the correct role (eg. ClassifiedManager), he can see the
>Content (eg. Classified Ads). Roles can do this with ease, if IUYC.

I'm sort of using that approach.  However, my ZClass instances are 
contained in a top level folder.  When a user authenticates as an "ad 
manager" to the "folder/manage" method, this user will not only see folders 
which contain classified ads but folders containing issue information (I 
have ZClasses for IssueFolder and AdFolder, for example).  What I want to 
have happen is if the authenticated user is an ad manager, they see only 
the objects which have a viewable permission for the user's role.  I don't 
want the user to see the object.  As far as the user is concerned, these 
objects don't even exist.  I can think of ways to do this, but they all 
involve more work than I would like to do, particularly if I'm just not 
understanding some capability of Zope.

Thanks.

James W. Howe				mailto:jwh@allencreek.com
Allen Creek Software, Inc.		pgpkey: http://ic.net/~jwh/pgpkey.html		
Ann Arbor, MI  48103
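
Added example, not part of the original message and not Zope code: a plain-Python model of the behaviour asked for above, where a folder listing omits objects the caller's roles cannot view and direct access by id applies the same check. The class names, the "View" permission string, the "IssueManager" and "Manager" roles, and the sample data are assumptions made for this sketch.

```python
# Plain-Python model of the setup in the message; none of this is Zope API.
from dataclasses import dataclass, field

VIEW = "View"  # assumed permission name for this sketch


@dataclass
class Item:
    """A contained object with its own permission -> roles mapping."""
    id: str
    meta_type: str
    permission_roles: dict = field(default_factory=dict)

    def allows(self, permission, roles):
        # Deny by default: a permission with no mapping is granted to no one.
        return bool(set(roles) & set(self.permission_roles.get(permission, ())))


class Folder:
    """Top-level container holding instances of both ZClass-like types."""

    def __init__(self, items):
        self._items = {item.id: item for item in items}

    def visible_ids(self, roles):
        # Listing filter: ids the caller cannot view are left out entirely.
        return sorted(i.id for i in self._items.values() if i.allows(VIEW, roles))

    def get(self, item_id, roles):
        # Same check on direct access, so guessing an id reveals nothing.
        # Missing and forbidden ids raise the identical error.
        item = self._items.get(item_id)
        if item is None or not item.allows(VIEW, roles):
            raise KeyError(item_id)
        return item


# Constructed sample data mirroring the message's AdFolder / IssueFolder split.
ROOT = Folder([
    Item("ads", "AdFolder", {VIEW: {"ClassifiedManager", "Manager"}}),
    Item("issues", "IssueFolder", {VIEW: {"IssueManager", "Manager"}}),
    Item("drafts", "IssueFolder"),  # no mapping: hidden from everyone
])

if __name__ == "__main__":
    print(ROOT.visible_ids(["ClassifiedManager"]))  # ['ads']
```

Filtering only the listing would leave the hidden folders reachable by id, which is why the model repeats the check in `get`.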