[Zope] Using an object's permissions and ownership properties

Michael Long mlong@datalong.com
Tue, 01 Apr 2003 10:11:20 -0500


 how would I go about implementing this?
> 
> you don't have to use the ownership attribute. The owner automagically
> has a role "Owner" on objects he/she owns.
> 
> So restricting access to only allow the "Owner" role to access these
> functions should get you where you want.
> 
> These restrictions can be set just as you would other permissions, and
> the "Owner" role is no more special than the Manager or Anonymous
> ones.
> 
> For more info, see the security chapter in the latest edition of the
Zope book


This is the behavior I expected. This is how permissions have been
implemented:

  security.declareProtected('Owner', 'addEntryForm')
  def addEntryForm(self, REQUEST=None):
     "Method to show form used to add an entry to an AddresBook"
     Content_Main =  PageTemplateFile('addEntryForm.pt', _wwwdir)
     setattr(PMAddressBooklet, 'Content_Main', Content_Main)
     if REQUEST is not None:
        return self.Template_index_html(self, REQUEST)

  #Declare permission defaults
  security.setPermissionDefault('Owner', ['Manager', 'Owner'])

What am I missing?

Thanks