Hi, what is Zope supposed to do, when there are conflicting security annotations applied to an object?
I'd like to make an object inaccessible - except for members of a given role. This is how it should look like: grantPermissionToRole('zope.View','role.admins',Allow) denyPermissionToRole('zope.View','zope.Anybody',Deny) Is this possible? If not, why? Maybe there's a more elegant solution? 'zope.Anybody' is defined as a "group" in etc/principals.zcml. Can I use it like a role? Is there a role, any anonymous user *and* any authenticated user is automagically assigned to? Thank you for any help. Regards, Frank _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users