[Zope] Security question...

pskipwort@touchcorp.com pskipwort@touchcorp.com
Wed, 29 Jan 2003 10:11:44 +1100 

Thanks Hans...

It's nearly what I want...except the report will still be visible on the 
previous menu - I guess the user would be able to click on it, but they 
would be redirected to another page. It's a bit dirty - I wish there was 
a better option! I'll keep fiddling :)

P


-----Original Message-----
From: H.de.Wit@SFK.NL [mailto:H.de.Wit@SFK.NL]
Sent: Tuesday, 28 January 2003 7:56 PM
To: Peter Skipworth; zope@zope.org
Subject: Re: [Zope] Security question...



It is a little cheap, but this should work:
You can exclude the two users (it is 1 report, isn't?) by adding a call 
to
a pythonscript to your report.
content of the pythonscript something like this:

from AccessControl import getSecurityManager
user = getSecurityManager().getUser()
if user=="George" or name=="Saddam":
  target='www.friendsforever.org'
  RESPONSE.redirect(target)
  return  # i don't know why, but this return seems to be necessary.

Hans de Wit
Stichting Farmaceutische Kengetallen
Postbus 30460
2500 GL  DEN HAAG
Tel. 070-3737448
Fax 070-3737445


|---------+--------------------------->
|         |           pskipwort@touchc|
|         |           orp.com         |
|         |           Sent by:        |
|         |           zope-admin@zope.|
|         |           org             |
|         |                           |
|         |                           |
|         |           28-01-2003 05:36|
|         |                           |
|---------+--------------------------->
  
>-----------------------------------------------------------------------
------------------------------------------------------------------------
---|
  |                                                                      
                                                                         
   |
  |        To:      zope@zope.org                                        
                                                                         
   |
  |        cc:                                                           
                                                                         
   |
  |        Subject: [Zope] Security question...                          
                                                                         
   |
  
>-----------------------------------------------------------------------
------------------------------------------------------------------------
---|




I thought this might be in the FAQ, but can't seem to find it in
there...

I have a particular report which I want "Everyone with Role 'A' to be
able to View except for users U1 and U2'

I do not want to remove U1 and U2 from Role A globally - is there an
easy of of locally removing 'View' permission for 2 specific users, and
retain View permissions for other users sharing the role ?

Thanks,

P


PETER SKIPWORTH
SYSTEM ADMINISTRATOR
TOUCHCORP LTD
TELEPHONE 03 9635 2626
www.touchcorp.com




_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )






_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )