I'm confused about the way Zope restricts access to products such as Confera.
I think I know about adding users, and setting their roles, and setting permissions on
objects. Acquisitional Zen escapes me, but I suppose I know enough of it to get
along. Unfortunately, when I put this all into practice, things don't work the way I
think they should!
I'm just trying to do simple stuff here. Let's say we have a Zope website on sailing.
It has a public section which everyone is invited to view, and a section we wish to
restrict just to sailboat captains. The default works well for the public pages, but
we have to do some special things in order to make the restricted stuff restricted.
So we create a role of "captain". In the acl_users folder for the pages we want to
restrict, we add the user "Blackbeard" and give him a captain role. In the
to-be-restricted folder, under the security tab, we check the "Access contents
information", "Can Login and Logout", and "View" roles under "captain", then tediously
uncheck all of the "Acquire permission settings". Things are just fine so far, I
think. Blackbeard can get in, and everyone else is kept out.
The problem is when we want to add a product like Confera, and only let Blackbeard and
his captain buddies use it. There is apparently something very different about the
way Zope handles products. Obviously, there are several more permissions that need to
be checked due to the added functionality, such as "Add Confera Topics" etc., but
regardless of how many permissions I check under the captain role, Zope+Confera will
not let Blackbeard or the other captains in!
What am I missing here?
Get your free email from AltaVista at http://altavista.iname.com
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )