[Zope] hasRole (Bug or My brain is dead?)
Randall F. Kern
randy@spoke.net
Thu, 19 Apr 2001 08:27:35 -0700
hasRole is just there to confuse... use:
_.SecurityGetUser().has_role('Manager', index_html)
instead. (The second ob argument is optional).
-Randy
> -----Original Message-----
> From: The Doctor What [mailto:docwhat@gerf.org]
> Sent: Thursday, April 19, 2001 7:52 AM
> To: zope@zope.org
> Subject: [Zope] hasRole (Bug or My brain is dead?)
>=20
>=20
> Okay, I have this in a dtml method called by a dtml document...
> (This does the same, btw from the dtml document directly)
>=20
> <hr>
> <dtml-var expr=3D"_.SecurityGetUser().getUserName()">
> <br>
> <dtml-var expr=3D"AUTHENTICATED_USER.hasRole('Manager', index_html)">
> <br>
> <dtml-var expr=3D"AUTHENTICATED_USER.hasRole('Manager')">
> <br>
> <dtml-var expr=3D"'Manager' in _.SecurityGetUser().getRoles()">
> <br>
>=20
> From a non-logged in browser I get:
> Anonymous User
> 1
> 1
> 0
>=20
> From a logged in browser (with Manager Role):
> docwhat
> 1
> 1
> 1
>=20
> The problem here is that AUTHENTICATED_USER does *not* have the role
> of 'Manager', despite zope's claims to the contrary!
>=20
> I have tried swapping in and out _.SecurityGetUser() for
> AUTHENTICATED_USER and have made sure this isn't a caching/proxy
> problem.
>=20
> Am i brain dead here? This is zope 2.3.1
>=20
> I am currently using the last one (as it works) but shouldn't the
> first ones work too?
>=20
> Ciao!
>=20
> --=20
> A hacker does for love what others would not do for money.
>=20
> The Doctor What: Need I say more? =20
http://docwhat.gerf.org/
docwhat@gerf.org
KF6VNC