[Zope] AUTHENTICATED_USER?

Michel Pelletier michel@digicool.com
Wed, 12 Jan 2000 14:23:17 -0500


> -----Original Message-----
> From: Guy Davis [mailto:davis@arc.ab.ca]
> Sent: Wednesday, January 12, 2000 1:49 PM
> To: zope@zope.org
> Subject: [Zope] AUTHENTICATED_USER?
> 
> 
> I am trying to disallow anonymous access for all but a handful of
> domains.  This is easy to do with Apache, but how can it be done with
> Zope?
> 
> The only thing I could think of was to have the following in the
> standard_html_header.
> 
> <dtml-if "AUTHENTICATED_USER == 'Anonymous User'" >
>     {if remote address is acceptable}
> 	{show the true page}
>     {else show an error message}
> <dtml-else>
>     {show the true page}
> </dtml-if>
> 
> However the above expression never evaluates to true even when
> <dtml-var AUTHENTICATED_USER> shows 'Anonymous User' on the 
> same page. 

That is because AUTHENTICATED_USER is an object whose __str__() method
prints the user name as a string.  This is not the same thing as the
user object being *equal* to a string.

> If I try to use string.find(), Zope complains that 
> AUTHENTICATED_USER is
> a bad arguement.  

Because it's type is not string, it is a user object.

Compare 'Anonymous User' with AUTENTICATED_USER.getUserName()

-Michel