Re: [Zope] Detecting Roles not working
Kapil Thangavelu <[EMAIL PROTECTED]> wrote > Jonathan Cheyne wrote: > > > > Hi all > > > > I have built the basis of a site with full, form-based webediting of > > objects. Coming round to cleanup time and I wanted to remove certain > > visible functions from the default object views unless you have already > > logged in (with various possible roles) > > > > in the index_html of my zclass i have > > > > > > edit this > > > > so if the user is anonymous or logged in without the Staff role assigne > > they should not see the "edit this" link ... > > > > Doesn't work! It basically never returns a 'true' response thus never > > displays the edit this link even when logged in. > > try (untested) > > > or (tested) > > Application code should focus on *permissions*, not on *roles*; the mapping between roles and permissions is essentially arbitrary, and testing for roles sets the application up for strange and mysterious failures. The preferred test would be something like:: edit this Note as well that, if the user has not yet authenticated, suppressing the display of a link which would trigger authentication (if the edit method is guarded, as it should be, by the same "Edit Foo" permission) can leave that user in a Catch-22: they aren't authenticated, and they can't trigger authentication! Tres. -- === Tres Seaver[EMAIL PROTECTED] Digital Creations "Zope Dealers" http://www.zope.org ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Detecting Roles not working
Thanks to Kapil, Geir and Daniel for their various syntaxes. Very enlightening. I did cure it but by accident while experimenting with the solutions offered (so they *were* worth it) The zclass title is displayed a la slashdot or freshmeat in boxes as clickable links drawn from the catalog. If (logged in) I selected them then I was always anonymous. If I manually typed the url/manage then deleted the /manage then I am recognised. Very odd. So I tried a different way of prompting for login - I protected a file in the root. Hey presto, now when I login it is fine. Or seem fine so far. (All syntaxes seem to work, btw) So, a tip for login/recognition issues would be to try authenticating a different way, perhaps further up the tree etc. I had protected the factory and used a link /myfolder/manage_addProduct/blah... to prompt for authentication. Worked for actually *being* authenticated but not for being *detected* as such. Is this a bug? Cheers Jonathan ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Detecting Roles not working
Stolen somewhere from this list, and I don't remember from who. ...is cool to have as well if you ever need it. Let's you not use specific names of ACL's such as "Staff" or "CopyWriter". > > > This works for me, no pun intended :) > > Dan > > Kapil Thangavelu wrote: > > > > Jonathan Cheyne wrote: > > > > > > Hi all > > > > > > I have built the basis of a site with full, form-based webediting of > > > objects. Coming round to cleanup time and I wanted to remove certain > > > visible functions from the default object views unless you have already > > > logged in (with various possible roles) > > > > > > in the index_html of my zclass i have > > > > > > > > > edit this > > > > > > so if the user is anonymous or logged in without the Staff role assigne > > > they should not see the "edit this" link ... > > > > > > Doesn't work! It basically never returns a 'true' response thus never > > > displays the edit this link even when logged in. > > > > try (untested) > > > > > > > or (tested) > > > > > > > > Cheers > > > > Kapil > > > > ___ > > Zope maillist - [EMAIL PROTECTED] > > http://lists.zope.org/mailman/listinfo/zope > > ** No cross posts or HTML encoding! ** > > (Related lists - > > http://lists.zope.org/mailman/listinfo/zope-announce > > http://lists.zope.org/mailman/listinfo/zope-dev ) > > ___ > Zope maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope-dev ) > ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Detecting Roles not working
This works for me, no pun intended :) Dan Kapil Thangavelu wrote: > > Jonathan Cheyne wrote: > > > > Hi all > > > > I have built the basis of a site with full, form-based webediting of > > objects. Coming round to cleanup time and I wanted to remove certain > > visible functions from the default object views unless you have already > > logged in (with various possible roles) > > > > in the index_html of my zclass i have > > > > > > edit this > > > > so if the user is anonymous or logged in without the Staff role assigne > > they should not see the "edit this" link ... > > > > Doesn't work! It basically never returns a 'true' response thus never > > displays the edit this link even when logged in. > > try (untested) > > > or (tested) > > > > Cheers > > Kapil > > ___ > Zope maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Detecting Roles not working
Jonathan Cheyne wrote: > > Hi all > > I have built the basis of a site with full, form-based webediting of > objects. Coming round to cleanup time and I wanted to remove certain > visible functions from the default object views unless you have already > logged in (with various possible roles) > > in the index_html of my zclass i have > > > edit this > > so if the user is anonymous or logged in without the Staff role assigne > they should not see the "edit this" link ... > > Doesn't work! It basically never returns a 'true' response thus never > displays the edit this link even when logged in. try (untested) Cheers Kapil ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
[Zope] Detecting Roles not working
Hi all I have built the basis of a site with full, form-based webediting of objects. Coming round to cleanup time and I wanted to remove certain visible functions from the default object views unless you have already logged in (with various possible roles) in the index_html of my zclass i have edit this so if the user is anonymous or logged in without the Staff role assigned they should not see the "edit this" link ... Doesn't work! It basically never returns a 'true' response thus never displays the edit this link even when logged in. Tried various permutations and variations on this theme without any success. Help! Without this, I am not sure how to customize the interface for different user groups. I am on 2.2.0 but I think it was similar under 2.1.6. Absolutely any clues no matter how obscure would be gratefully received (or indeed the glaringly obvious solution etc :-) Cheers Jonathan ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )