[Zope] Please help with authentication problem

Jim Harrison jhrsn at pitt.edu
Mon Feb 9 18:55:07 EST 2004


I hope someone can help me with this issue:

I'm providing read-only access to users of a set of Zwiki pages (I don't
think this is particularly a Zwiki problem). If the users authenticate and
have editing permission, a list of links at the top of the page should
change to hide a "log in" link and show an "edit" link. Both of these
changes are done by checking whether the user has permission to edit--here's
the code to display the edit link:

<span tal:condition="python:user.has_permission('Zwiki: Edit pages',here)">
<a href="#" tal:attributes="href python:here.page_url() + '/editform'; title
python:'edit this page (' + here.linkTitle() + ')'">Edit</a> |
</span>

Currently, permission for editing is granted to Authenticated, Manager and
Owner. In the future, it would be nice to have finer control, which is one
reason I'd particularly like to check for editing permission with respect to
showing the edit menu.

I thought I would authenticate the users by setting up a small protected
page template that would get called against the current page of the user
when the login link was clicked. The template would force a login and then
redirect back to the page the user started from.

When I do that, it does force a login and redirect, but the menus do not
change after the redirect. However, the user is logged in--if I try this
with a manager password, I can type "manage" against the site url and
immediately jump into the management interface without additional login.
After doing this, when I return to the wiki pages, the login link is hidden
and the edit link shows as it should. The following do not work: manually
reloading the page, jumping after login to a separate "login successful"
page and then linking back to the wiki pages, or visiting extraneous pages
in between. The only thing that makes the menus change correctly is to visit
the management interface (without further login) and then return to the wiki
pages.

I wondered whether this was a browser page cache issue (or a Zope cache
issue), but the correct response after visiting the management interface is
mystifying. Should I be pushing additional data to the user's browser or
forcing a cache or page lifetime change somewhere?

Zope 2.61, Zwiki 0.27.1 (this happened with 21.1), MacOSX 10.2.6

Thanks for any advice...

Jim Harrison
Univ. of Pittsburgh



More information about the Zope mailing list