Kevin Jones wrote at 2005-8-11 08:38 -0600: >... >My company site allows anonymous visitors to enter a user login >id and password, with the Role 'CoPersonnel'. It then allows >them to create a project page and their project info... > >All is well and good until later, when they login to edit their >page. It works, BUT it gives them permission to edit anyone >else's page that has the Role 'CoPersonnel'! It also seems that >while the first login is successful, they retain an 'Anonymous >User' role. > >These two reside in a "Projects" folder: login_html, acl_users. >The individual projects are located in a "Projects" subfolder: >"projects_current." > >Do the acl_users and login_html file have to reside in the >individual project folder? (BTW, I got the code from "The Book >of Zope.")
There are global and local roles. A global role is assigned to user globally. It applies the the complete subhierarchy governed by the user folder which defined the user. The subhierarchy governed by a user folder is the one whose root contains the user folder. If this does not give you what you need, you have two options: * move the "acl_users" down (such that it governs a smaller subhierarchy) * use "local" roles instead of global ones. -- Dieter _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )