[Zope] has_permission for arbitrary user
Mark N. Gibson
mark@kaivo.com
Fri, 7 Sep 2001 17:26:45 -0600 (MDT)
>
> Mark N. Gibson writes:
> > <dtml-if expr="acl_users.getUser('someuser').has_permission('Change DTML
> > Document',this())">
> > Yes
> > <dtml-else>
> > No
> > </dtml-if>
> >
> > Unfortunately, has_permissions seems to be implented to call
> > has_permission on the currently logged in user; i.e. AUTHENTICATED_USER.
> I doubt this very much!
>
> But "getUser" is probably protected.
> You may consider using a proxie role...
>
Here's the code for has_permission from the BasicUser Class
def has_permission(self, permission, object):
"""Check to see if a user has a given permission on an object."""
return getSecurityManager().checkPermission(permission, object)
Draw your own conclusions.
I wrote my own to deal with the problem:
def hasPermissions( user, obj, permissions ):
""" check to see if user has permissions for object """
if type(permissions) == type(''):
roles = [roles]
#get roles for user, include local roles on obj
userRoles=user.getRoles() + obj.get_local_roles_for_userid(user.getUserName())
for perm in permissions:
objRoles=obj.rolesOfPermission(perm)
for oRole in objRoles:
if oRole['name'] in userRoles:
if oRole['selected']:
return 1
return 0
> Dieter
>