Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote at 2005-10-26 15:32 -0700: I'm trying to build a product through the ZMI (like the example in The Zope Book), I have some DTML methods in a ZClass were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product. What does that mean? Do you see the corresponding Permission object in your product? ... When I look around in the Permissions and Define Permissions of the various objects (both the ZClass, and the DTML methods), I don't see my permission in the lists, except for under 'Class Permissions' in the Permissions tab for the ZClass (were I have highlighted it, which I assume is correct?) The call to SecurityCheckPermission() looks like this... dtml-if expr=_.SecurityCheckPermission('Manage Diary',this()) Do you get any errors (full error information is always vital when you report problems; in case of Errors, this includes at least Error type, Error value and the traceback!). But, I suppose that you misunderstand how permissions work (in general and with ZClasses in particular). SecurityCheckPermission(P,o) will only return true when the current user has permission P on object o. The user - role and role - permission mapping determine this fact. Thus, unless you adapted a role - permission mapping, only the Zope Manager will have this permission (by default). A ZClass combines some objects whose methods are protected by specific permissions. You may want to change these permissions for your ZClass components. Therefore, you can define permissions (Define permissions tab) available for this purpose. Then, in your specific object, you can use the Permission mapping tab to map the objects permissions to some of your own. -- Dieter ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote: Aha, so I've awakened the local Troll, my apologies to the rest of the list for setting him off. Not exactly, just tired of people pulling the trigger 'cos they find a gun pointed at their foot. (Oh, and then complaining that their foot is a bleeding mess ;-) Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner... It was the first thing I tried; but since (once again) I couldn't find much documentation I tried something else (the example in the Zope book...). Go back to this, explain what problems you had and I'll try and help... Chris -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote: I'm trying to build a product through the ZMI (like the example in The Zope Book), For the love of god, please don't ;-) I have some DTML methods waaghhh... in a ZClass ow, ow, stop hurting me... were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product. Why? The call to SecurityCheckPermission() looks like this... dtml-if expr=_.SecurityCheckPermission('Manage Diary',this()) *schniff* I'm thinking maybe I'm calling SecurityCheckPermission in the wrong context? Making a product certainly can be confusing at times. :) Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner... Chris -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
On 10/27/05, Chris Withers [EMAIL PROTECTED] wrote: Dave Case wrote: I'm trying to build a product through the ZMI (like the example in The Zope Book), For the love of god, please don't ;-) Look, I know what I'm doing is not cool, but since cool has no documentation, I'm doing what I can. I have some DTML methods waaghhh... Ditto in a ZClass ow, ow, stop hurting me... Aha, so I've awakened the local Troll, my apologies to the rest of the list for setting him off. were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product. Why? Because there are links to management interfaces I don't want an unauthenticated user to see. The call to SecurityCheckPermission() looks like this... dtml-if expr=_.SecurityCheckPermission('Manage Diary',this()) *schniff* Granted this is a standard cookbook call to SecurityCheckPermission, but I thought maybe I was calling it wrong from within the product, so I thought I would ask. Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner... It was the first thing I tried; but since (once again) I couldn't find much documentation I tried something else (the example in the Zope book...). -- David Case [EMAIL PROTECTED] www.builddiary.net ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Permissions and Instances of ZClasses
I'm trying to build a product through the ZMI (like the example in The Zope Book), I have some DTML methods in a ZClass were I want to be able to do a SecurityCheckPermission() on a permission that I have defined in the containing product. When I view the instance of the DTML, it doesn't see the permission. I'm able to at least see the 'View' permission... When I look around in the Permissions and Define Permissions of the various objects (both the ZClass, and the DTML methods), I don't see my permission in the lists, except for under 'Class Permissions' in the Permissions tab for the ZClass (were I have highlighted it, which I assume is correct?) The call to SecurityCheckPermission() looks like this... dtml-if expr=_.SecurityCheckPermission('Manage Diary',this()) I'm thinking maybe I'm calling SecurityCheckPermission in the wrong context? Making a product certainly can be confusing at times. :) Thanks! -- David Case [EMAIL PROTECTED] www.builddiary.net ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )