[Zope] Setting default view permissions on a product to deny anonymous access

Harry Wilkinson harryw@nipltd.com
Mon, 11 Mar 2002 16:43:36 +0000


Hi all :)

I am developing a product (a kind of CMF site) that should refuse anonymous 
access by default.  I would like to write some code for this product so that 
whenever a new instance of it is created, the 'View' permission for that 
instance is set to exclude the role 'Anonymous', and allow the others 
('Authenticated', 'Member', 'Owner', 'Reviewer', 'Manager').

So far I have played around with manage_permissions and have got:

p.manage_permission('View', ['Authenticated', 'Member', 'Manager', 'Owner', 
'Reviewer'], acquire=0)

Unfortunately for me, this means that after the site gets created, I am for 
some reason not authorised to access the object.  If I set acquire=1 so that 
it will acquire permission settings, then I have no problems with that but 
unauthenticated users can also view it :(

Does anybody know what the usual way of setting default permissions for a 
product is?  I don't want to define new permissions, just change the 'view' 
permission.

Thanks : )

Harry