[Zope] FW: Change roles with python
Dieter Maurer
dieter@handshake.de
Sat, 31 May 2003 19:33:12 +0200
Andrew R. Halko wrote at 2003-5-31 10:38 -0400:
> ... domain auth mode ...
> How do you override this setting?
You cannot override it, but when the UserFolder works correctly,
it should use this user only when its roles are sufficient
for the current request. Otherwise, it should return None which
results in an "Unauthorized" response (unless there is a UserFolder
higher up which can authenticate the user with the required roles).
The "sufficient" roles are determined (only) from the published
object (i.e. the one located by traversal).
Try to access an objects viewable only to (e.g.) "Manager"
(e.g. "acl_users/manage_users"). You should get a login
dialog (unless you have been logged in a "Manager").
Dieter