Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote at 2005-10-26 15:32 -0700:
I'm trying to build a product through the ZMI (like the example in
The Zope Book), I have some DTML methods in a ZClass were I want to be
able to do a SecurityCheckPermission() on a permission that I have
defined in the containing product.
What does that mean?
Do you see the corresponding Permission object in your product?
...
When I look around in the Permissions and Define
Permissions of the various objects (both the ZClass, and the DTML
methods), I don't see my permission in the lists, except for under
'Class Permissions' in the Permissions tab for the ZClass (were I
have highlighted it, which I assume is correct?)
The call to SecurityCheckPermission() looks like this...
dtml-if expr=_.SecurityCheckPermission('Manage Diary',this())
Do you get any errors (full error information is always vital
when you report problems; in case of Errors, this includes
at least Error type, Error value and the traceback!).
But, I suppose that you misunderstand how permissions work (in general
and with ZClasses in particular).
SecurityCheckPermission(P,o) will only return true when
the current user has permission P on object o.
The user - role and role - permission mapping determine this
fact.
Thus, unless you adapted a role - permission mapping,
only the Zope Manager will have this permission (by default).
A ZClass combines some objects whose methods are protected by
specific permissions. You may want to change these permissions
for your ZClass components. Therefore, you can define permissions
(Define permissions tab) available for this purpose.
Then, in your specific object, you can use the Permission mapping
tab to map the objects permissions to some of your own.
--
Dieter
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote: Aha, so I've awakened the local Troll, my apologies to the rest of the list for setting him off. Not exactly, just tired of people pulling the trigger 'cos they find a gun pointed at their foot. (Oh, and then complaining that their foot is a bleeding mess ;-) Yes, don't do it, at least not like this. Look at building a filesystem absed prdocut which is marginally saner... It was the first thing I tried; but since (once again) I couldn't find much documentation I tried something else (the example in the Zope book...). Go back to this, explain what problems you had and I'll try and help... Chris -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
Dave Case wrote:
I'm trying to build a product through the ZMI (like the example in
The Zope Book),
For the love of god, please don't ;-)
I have some DTML methods
waaghhh...
in a ZClass
ow, ow, stop hurting me...
were I want to be
able to do a SecurityCheckPermission() on a permission that I have
defined in the containing product.
Why?
The call to SecurityCheckPermission() looks like this...
dtml-if expr=_.SecurityCheckPermission('Manage Diary',this())
*schniff*
I'm thinking maybe I'm calling SecurityCheckPermission in the wrong
context? Making a product certainly can be confusing at times. :)
Yes, don't do it, at least not like this. Look at building a filesystem
absed prdocut which is marginally saner...
Chris
--
Simplistix - Content Management, Zope Python Consulting
- http://www.simplistix.co.uk
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Permissions and Instances of ZClasses
On 10/27/05, Chris Withers [EMAIL PROTECTED] wrote:
Dave Case wrote:
I'm trying to build a product through the ZMI (like the example in
The Zope Book),
For the love of god, please don't ;-)
Look, I know what I'm doing is not cool, but since cool has no
documentation, I'm doing what I can.
I have some DTML methods
waaghhh...
Ditto
in a ZClass
ow, ow, stop hurting me...
Aha, so I've awakened the local Troll, my apologies to the rest of the
list for setting him off.
were I want to be
able to do a SecurityCheckPermission() on a permission that I have
defined in the containing product.
Why?
Because there are links to management interfaces I don't want an
unauthenticated user to see.
The call to SecurityCheckPermission() looks like this...
dtml-if expr=_.SecurityCheckPermission('Manage Diary',this())
*schniff*
Granted this is a standard cookbook call to SecurityCheckPermission,
but I thought maybe I was calling it wrong from within the product, so
I thought I would ask.
Yes, don't do it, at least not like this. Look at building a filesystem
absed prdocut which is marginally saner...
It was the first thing I tried; but since (once again) I couldn't find
much documentation I tried something else (the example in the Zope
book...).
--
David Case
[EMAIL PROTECTED]
www.builddiary.net
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Permissions and Instances of ZClasses
I'm trying to build a product through the ZMI (like the example in
The Zope Book), I have some DTML methods in a ZClass were I want to be
able to do a SecurityCheckPermission() on a permission that I have
defined in the containing product. When I view the instance of the
DTML, it doesn't see the permission. I'm able to at least see the
'View' permission... When I look around in the Permissions and Define
Permissions of the various objects (both the ZClass, and the DTML
methods), I don't see my permission in the lists, except for under
'Class Permissions' in the Permissions tab for the ZClass (were I
have highlighted it, which I assume is correct?)
The call to SecurityCheckPermission() looks like this...
dtml-if expr=_.SecurityCheckPermission('Manage Diary',this())
I'm thinking maybe I'm calling SecurityCheckPermission in the wrong
context? Making a product certainly can be confusing at times. :)
Thanks!
--
David Case
[EMAIL PROTECTED]
www.builddiary.net
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
