[Zope] check permission problem

Clemens Klein-Robbenhaar robbenhaar@espresto.com
Fri, 6 Sep 2002 18:31:53 +0200 (CEST)


John Hunter writes:
 [...]
 > 
 > What happens instead is that the anonymous user gets asked for a
 > password when visiting the site home index_html, which includes the
 > standard_html_header.  It appears that zope is trying to access the
 > contents of login_py in the call to 
 > 
 >       <dtml-if "_.SecurityCheckPermission('View', login_py)">
 > 
 > rather than simply check the permission, which surprises me.

 Well, the anonymous visitor _is_ accessing "login_py" actually.
(Zope does not check permissions on function call, but on attribute
access.)

 Thus Your idea does not work that way. 
Instead You could check directly, if the user is anonymous, by
inspecting 
  "_.SecurityGetUser().getUserName=='Anonymous User'"
or the like (sorry, if forgot the proper incantation ...)

cheers,
clemens