On Thu, 9 Nov 2000, Charlie Wilkinson wrote:
/ (Root Folder)
/ acl_test (ACL Test Folder)
acl_users (User Folder)
index_html (Test Document)
Now, referring to figure 1, changes to security settings for the acl_test
folder are having no effect on access to index_html. Only when I change
the security settings on index_html itself, can I control access to it.
So what this boils down to is that as of v2.2.whatever, an acl_users
folder apparently does not protect the folder it's in (parent folder),
but only it's sibling objects and below. Meaning that instead of setting
permissions on the parent object and being done with it, one now has to
set permissions for each sibling. In my case that's 50 or more objects
and I'm not done coding yet. Ouch! This *can't* be right, can it?
I know there's a lot that's happened with the security model, so I'm
really *really* hoping this is just a bug that's crept in.
This is the way Zope has always behaved, unless my memory is failing me.
Here's a thought to consider: In your model, the root acl_users would have
to appear _above_ the root folder (/) in the hierarchy for things to
function correctly. As it stands, acl_users in the root folder affects all
things in the root folder and below. As it stands, your acl_users (in
acl_test) affects all things in your acl_test folder and below. This is
consistent.
If you have 50 or so objects, and setting permissions is the obstacle,
simply write a Python Method (or DTML, if you prefer) to iterate over the
50 and tweak them. Then, you won't have to manually do the work through
the management interface.
Thanks for any clues,
Hope this helps,
Charlie
--Jeff
---
Jeff K. Hoffman 704.849.0731 x108
Chief Technology Officer mailto:[EMAIL PROTECTED]
Going Virtual, L.L.C. http://www.goingv.com/
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )
