Thanks Christophe I tried to configure a Principal annotation for 'roles' but I am afraid I have come up blank. Here is what I did...
# Create a principal Annotations Utility (as recommeded by CC) from zope.component import provideUtility, provideAdapter from zope.app.principalannotation import PrincipalAnnotationUtility from zope.app.principalannotation.interfaces import IPrincipalAnnotationUtility annotationsUtility = PrincipalAnnotationUtility() provideUtility(annotationsUtility, IPrincipalAnnotationUtility) # Create a content object for testing import zope.interface from zope.annotation.interfaces import IAttributeAnnotatable class Ob(object): zope.interface.implements(IAttributeAnnotatable) ob = Ob() # Create a principal from zope.security.interfaces import IPrincipal from zope.interface import implements class Principal: implements(IPrincipal) def __init__(self, id): self.id = id self.groups = [] principal = Principal('bob') # Annotate the Principal with test roles - This my guess at how the # PrincipalAnnotation utility should be used import zope.securitypolicy.role role1=zope.securitypolicy.role.Role('role1', 'Role One') role2=zope.securitypolicy.role.Role('role2', 'Role Two') annotations = annotationsUtility.getAnnotations(principal) annotations.data['roles'] = [role1, role2] # Create an interaction and use it to link the principal to the object import zope.securitypolicy.zopepolicy interaction = zope.securitypolicy.zopepolicy.ZopeSecurityPolicy() class Participation: interaction = None participation = Participation() participation.principal = principal interaction.add(participation) # Verify that it is configured interaction.checkPermission('P1', ob) from zope.security.checker import CheckerPublic interaction.checkPermission(CheckerPublic, ob) # Get the RoleManager adapter. This should tell me what roles # the Principal has in the context of my object from zope.securitypolicy.interfaces import IRolePermissionManager, IPrincipalRoleManager, IPrincipalPermissionManager roleper = IRolePermissionManager(ob) prinrole = IPrincipalRoleManager(ob) prinper = IPrincipalPermissionManager(ob) # List the Roles and permissions print roleper.getRolesAndPermissions() Unfortunately, this prints [], an empty list of roles and permissions. I expected to see the two roles I annotated the Principal with. I could be just using the wrong types or name for the annotation. Do you have any example I could follow? Thanks Kevin _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )