Hi, I have what I think is a fairly simple use case for my Plone site. I want to be able to add a local role dynamically based on two factors - the content of the object, and a given external condition. So I've written a local role plugin, where getRolesInContext() checks these two factors and returns either an empty list or a list containing one item - the new role. This seems to work well. It's the checkLocalRolesAllowed() method I'm having problem with. My logic looks like:
if object has specific content: if external condition is true: return 1 else: return None return None >From looking at the PlonePAS code, it appears that the PloneUser class >iterates through all of the LocalRole plugins, and continues until one of the plugins returns something other than None. But what happens is that the user is still denied access to the object. If I change the last return to "1", the user can access the object, but naturally gets access to everything else as well. Am I missing some basic logic here? Thanks, Stan McFarland _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas