Re: [Zope3-Users] Security Question

2006-04-23 Thread Frank Burkhardt
Hi,

On Sat, Apr 22, 2006 at 05:06:15PM -0500, Jachin Rupe wrote:
> hi there
> 
> Is there a good example out there of setting up security based on some
> sort of ownership system?
> 
> I'm working my way though the Zope book.  What I would like to be able to
> do is allow the User who created a message to edit only "their" messages
> (the messages they created).  I think I've read all the relevant chapters
> of the Zope book and I can't find a place where it explains that.  Did I
> miss is somewhere?

I'm going to implement "object ownership", too. My idea is to assign a role
membership to the user (e.g. 'mysite.Owner') using annotated
per-object-security information (see
zope.app.securitypolicy.interfaces.IPrincipalRoleManager).

I might need a special permission ('mysite.OwnerAccess') which is
ZCML-ed to the 'mysite.Owner' role and used in all the views
I want' to be owner-only.

The role will be assigned on object creation - I'm not sure, if I can use
an event to do so because the request object will be needed to know the
creating principal. In any case it should be possible to assign the role
in the content object's __init__() method.

hth

Regards,

Frank
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users


[Zope3-Users] Security Question

2006-04-22 Thread Jachin Rupe

hi there

Is there a good example out there of setting up security based on  
some sort of ownership system?


I'm working my way though the Zope book.  What I would like to be  
able to do is allow the User who created a message to edit only  
"their" messages (the messages they created).  I think I've read all  
the relevant chapters of the Zope book and I can't find a place where  
it explains that.  Did I miss is somewhere?


Could some one point me in the right direction for figuring this out?

If this isn't in the Zope book it may make a good addition.  There  
are lots of instances I can think of in application where someone  
would want to grant privileges based on ownership.


thanks

-jachin

___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users