[Zope] Invoking a Protected CMF Method
Zope
jhgfjhgfjhgfjhgfjhgf@hotmail.com
Fri, 3 Aug 2001 10:27:44 +0100
This is a multi-part message in MIME format.
------=_NextPart_000_007A_01C11C06.EEEEE660
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
How about for just that DTML method, change the Proxy Roles to manager =
in the Proxy Tab?
Just an idea
Cheers
Tim
----- Original Message -----=20
From: Mark Snellings=20
To: zope@zope.org=20
Sent: Thursday, August 02, 2001 1:44 PM
Subject: [Zope] Invoking a Protected CMF Method
I've written a DTML Method which builds a user roster and then =
accesses the portal_membership record for each of these users to output =
their email address. The method works fine as long as the user is a =
Portal Manager since the getMemberById method is protected by permission =
ManagePortal.
I have an automated process which every so often will invoke the =
method (via http request) to retrieve the email addresses of all the =
portal users. The problem is that the method is not working properly =
because when the http request is invoked, the request is treat as an =
anonymous user. What must I do get this to work?
I have tried to specify a userid:password on the http request, but =
Zope is not using this as the userid for the CMF access. Is there a way =
to specify userid/password in the URL so that I can access the DTML =
method which as I said can only be invoked by a Portal Manager.
I've considered adding a non-Protected method to MembershipTool.py, =
but I really don't want to be modifying CMF.
Any suggestions?
Thanks
Mark Snellings
Stellar Communications, LLC
msnellings@stellarcomms.com
------=_NextPart_000_007A_01C11C06.EEEEE660
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>How about for just that DTML method, =
change the=20
Proxy Roles to manager in the Proxy Tab?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Just an idea</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Cheers</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Tim</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dmsnellings@stellarcomms.com=20
href=3D"mailto:msnellings@stellarcomms.com">Mark Snellings</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A title=3Dzope@zope.org=20
href=3D"mailto:zope@zope.org">zope@zope.org</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Thursday, August 02, 2001 =
1:44=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> [Zope] Invoking a =
Protected CMF=20
Method</DIV>
<DIV><FONT face=3DArial size=3D2></FONT><BR></DIV>
<DIV><FONT size=3D2><SPAN class=3D511363012-02082001>I've written a =
DTML Method=20
which builds a user roster and then accesses the portal_membership =
record for=20
each of these users to output their email address. The method =
works fine=20
as long as the user is a Portal Manager since the getMemberById =
method is=20
protected by permission ManagePortal.</SPAN></FONT></DIV>
<DIV><FONT size=3D2><SPAN =
class=3D511363012-02082001></SPAN></FONT> </DIV>
<DIV><FONT size=3D2><SPAN class=3D511363012-02082001>I have an =
automated process=20
which every so often will invoke the method (via http request) to =
retrieve the=20
email addresses of all the portal users. The problem is that the =
method=20
is not working properly because when the http request is invoked, the =
request=20
is treat as an anonymous user. What must I do get this to=20
work?</SPAN></FONT></DIV>
<DIV><FONT size=3D2><SPAN =
class=3D511363012-02082001></SPAN></FONT> </DIV>
<DIV><FONT size=3D2><SPAN class=3D511363012-02082001>I have tried to =
specify a=20
userid:password on the http request, but Zope is not using this as the =
userid=20
for the CMF access. Is there a way to specify userid/password in =
the URL=20
so that I can access the DTML method which as I said can only be =
invoked by a=20
Portal Manager.</SPAN></FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D511363012-02082001>I've =
considered=20
adding a non-Protected method to MembershipTool.py, but I really don't =
want to=20
be modifying CMF.</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D511363012-02082001></SPAN></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D511363012-02082001>Any=20
suggestions?</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN=20
class=3D511363012-02082001><BR>Thanks</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D511363012-02082001>Mark =
Snellings</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN =
class=3D511363012-02082001>Stellar=20
Communications, LLC</SPAN></FONT></DIV>
<DIV><FONT face=3DArial size=3D2><SPAN class=3D511363012-02082001><A=20
=
href=3D"mailto:msnellings@stellarcomms.com">msnellings@stellarcomms.com</=
A></SPAN></FONT></DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_007A_01C11C06.EEEEE660--