[Zope] Access Rule
Dylan Reinhardt
zope@dylanreinhardt.com
24 Jun 2003 09:32:39 -0700
On Tue, 2003-06-24 at 07:20, Andrew R. Halko wrote:
> I created an access rule in Plone, not the root and I need to find if a
> user is logged in. I was told that can't be done,
Not without some work, anyway. :-)
> but doesn't there
> have to be a something transferred between pages to tell if someone is
> logged in.
Zope doesn't have the same notion of "logged in" and "sessions" that
other systems do. Once you've authenticated, your authentication will
persist so long as you keep that browser open. You remain "logged in"
even between server restarts. I've maintained sessions like this for
weeks at a time; in theory you could stay logged in forever.
Knowing this, your question can be re-framed as "how can I check which
users have authenticated and/or used the system in the last X minutes?"
You'll want to create some method that records a timestamp related to a
userid. Call this method whenever a "session-maintaining" event (i.e.,
a login or request) takes place. One way to do this would be to call
your "session" method in a header/footer method.
Then create another method that can extract this information such that
you can determine which users have accessed the system recently and/or
check a specific user's currency.
There are any number of ways you can implement this... properties, an
RDBMS, a custom product... but that's the general approach I'd take.
HTH,
Dylan