[Zope] Permissions and Zope 2.3.x
Ivan Raikov
ivan@faxnet.com
20 Apr 2001 09:04:36 -0400
Hello,
Is there any programmatic way to have a UserFolder-like object
assign the 'View Management Screens' permission to a role different
than Manager? Here's the code that I'm using in vain attempts to
achieve that:
class Practice (AccessControl.User.UserFolder,
Acquisition.Implicit,
Persistence.Persistent,
AccessControl.Role.RoleManager,
OFS.SimpleItem.Item):
.
.
.
manage_options=(
(
{'label':'Contents', 'action':'manage_main',},
{'label':'Security', 'action':'manage_access',},
))
isPrincipiaFolderish = 1
isAUserFolder = 1
.
.
__ac_roles__ = ('Staff', 'Owner', 'Physician')
.
.
manage_main = Globals.DTMLFile('dtml/mainUser', globals())
security = ClassSecurityInfo ()
# Specify how individual operations add up to "permissions":
security.declareObjectProtected('Access practice')
security.declareProtected ('View management screens', 'manage_main')
security.declareProtected ('View management screens', 'manage_tabs')
security.declareProtected ('View', 'index_html')
security.setPermissionDefault ('View', ('Physician', 'Owner'))
security.setPermissionDefault ('View management screens', ('Owner',))
Unfortunately, the user that has a local role of Owner cannot view
the management screens, because the validate method is passed only the
Manager role as a list of possible roles that have access to these
methods. Any suggestions?
Thanks,
Ivan Raikov