Re: [Zope-dev] Re: [OT] digital signature
On Thu, 2002-04-25 at 18:19, Martijn Pieters wrote: On Thu, Apr 25, 2002 at 06:02:19PM +0200, Lennart Regebro wrote: I want a *good* mail program. :-/ I can recommend Mutt. ;) for those who are used to OE I'd recommend Ximian Evolution :) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] ZCatalog: hiding search results from unauthorized users - hack
Hi all, in case someone have same problem as me (see ZCatalog - hiding query results thread for more info) - I got a solution: - create a product that subclasses ZCatalog - in this product overwrite ZCatalog.getobject with def getobject(self, rid): foo obj = self.aq_parent.unrestrictedTraverse(self.getpath(rid),\ restricted=1) return obj - create a python script in your catalog (e.g. filterCat) with a parameter that reoresents the catalog itself (brains here): retval = [] for brain in brains: try: obj = container.getobject(brain.getRID()) retval.append(brain) except: pass return retval - adjust your catalog query reports, so that they call filterCat(_['catalogname']) instead of catalogname Now your users see only those hits in a query which apply to objects they are allowed to View. greetings, Igor ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] ZCatalog - hiding query results
Hi all, I don't know if it's the right list to post to, but I have the following problem: I have several objects (documents, folders etc) that are accessible only by a certain user role, this objects are cataloged. Now if I query the catalog the brains of these objects are returned correctly, but to _all_ users that issue a query. That means, users that don't have the permission to View or Access Content Information can see the brains as well... I tried to filter the result set by converting the brains into real objects (brain.getObject) in an external method (I thought, this way I should be able to exclude unauthorized users by adding the skip_unauthorized to the dtml-in), but that doesn't work since there are brains that are actually NoBrainer instances... Does anyone have an idea of how I could solve this problem? Actually I thought this kind of information hiding is supported by basic ZCatalog machinery, but now it looks like I'll have to hack a workaround... Any help greatly appreciated. Greetings, Igor ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] ZCatalog: hiding search results from unauthorized users - hack
Hi all, in case someone have same problem as me (see ZCatalog - hiding query results thread for more info) - I got a solution: - create a product that subclasses ZCatalog - in this product overwrite ZCatalog.getobject with def getobject(self, rid): foo obj = self.aq_parent.unrestrictedTraverse(self.getpath(rid),\ restricted=1) return obj - create a python script in your catalog (e.g. filterCat) with a parameter that reoresents the catalog itself (brains here): retval = [] for brain in brains: try: obj = container.getobject(brain.getRID()) retval.append(brain) except: pass return retval - adjust your catalog query reports, so that they call filterCat(_['catalogname']) instead of catalogname Now your users see only those hits in a query which apply to objects they are allowed to View. greetings, Igor ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog: hiding search results from unauthorized users - hack
On Fri, 16 Nov 2001 13:19:20 + Steve Alexander [EMAIL PROTECTED] wrote: Now your users see only those hits in a query which apply to objects they are allowed to View. However, you will be loading each object that is a potential query result into memory for every query. That could be a lot of objects. I didn't say it's perfect, it works however... BTW, it's not the View permission but Access content information... obviously :) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )