[Zope] getting the roles in DTML

Aseem Mohanty aseem@neurobehavioralsystems.com
Wed, 19 Jun 2002 06:53:24 -0700


The problem I have is a bigger one actually and I was doing the same 
thing and getting the expected answer, However after twiddling around 
with a test folder's security options I found I could get through even 
though I had the required roles.

The problem being that I have a custom User Folder loosely based on 
mysqluserfolder, without the cookies and session stuff, for that I use 
Cookie Crumbler and CST. Otherwise the code is pretty much the same with 
midifications to suit my purposes.

Now lets say I have a user with role "X". I set  up a folder that is 
veiwable only be ppl with role X via the security tab. When  try to view 
it, zope refuses entry to me. When I do a AUTHENTICATED_USER.getRoles or
_.SecurityGetUser().getRoles() I get alist that has Authenticated User 
and X in it. I loked up and walked through the validate function in my 
UF and printed out roles just before it calls authorize and the list of 
roles is the same there too.

My authorize function is the following:

authorize__roles__ = ()
    def authorize (Self, user, roles, REQUEST):
        v = REQUEST ['PUBLISHED']     # the published object
        a, c, n, v = Self._getobcontext(v, REQUEST)
   
        allowed = AccessControl.User.BasicUserFolder.authorize (Self, 
user, a, c, n, v, roles)
        
        if not allowed: return None
        else: return user

Its essentially the same as in mysqluserfolder.

However this return None. I do have a roles table in my user source (my 
sql db) and it has the correct entries, so I am unable to figure out why 
this happens.

Any pointers.

AM


Chris Beaven wrote:

> <dtml-var "_.SecurityGetUser().getRoles()">
>
> For quick questions like this, you could always ask in the IRC channel
> (#zope on irc.openprojects.net) ;)
>
> -----Original Message-----
> From: Aseem Mohanty [mailto:aseem@neurobehavioralsystems.com]
> Sent: Thursday, 20 June 2002 1:37 a.m.
> To: zope@zope.org
> Subject: [Zope] getting the roles in DTML
>
>
> Ho can I get the list of roles a user has in DTML??
> TIA
> AM
>

-- ================================================================== 
Aseem Mohanty Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 
94706 (R) 510 7696011 (M) 510 3014871 (O) 510 5279231 
================================================================== "I 
saw `cout' being shifted "Hello world" times to the left and stopped 
right there!!" -- Steve Gonedes 
==================================================================