Re: [Zope] inserting half a dtml tag into a zclass

[Tim Hicks]

- Original Message -
From: Dieter Maurer [EMAIL PROTECTED]
To: Tim Hicks [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, December 29, 2000 9:38 AM
Subject: Re: [Zope] inserting half a dtml tag into a zclass


 Tim Hicks writes:
   This is a multi-part message in MIME format.
  
   --=_NextPart_000_0009_01C07071.533E96C0
   Content-Type: text/plain;
   charset="iso-8859-1"
   Content-Transfer-Encoding: quoted-printable
 You are here long enough: you should know, we do not like MIME
 messages.

My apologies. You're right, I do know better... my mistake.  Also, apologies
for the delayed reply, I've been away.


   ... isolating privacy checks ...
   dtml-var privacy
   dtml-var standard_html_header
   dtml-var standard_html_footer
   /dtml-if

 I know about 2 possible approaches:

  I. let your "privacy" method return a value (using "dtml-return")
 and check it above:

 dtml-if privacy
   ...header...
   ...
   ...footer...
 /dtml-if


I've gone for a 'method' based on this first idea of yours.  Here is what
appears in each zclass instance.

dtml-call privacy
dtml-if "available == 1"
dtml-call "RESPONSE.redirect(restricted+'/restricted.html')"
dtml-else
dtml-var standard_html_header

dtml-var standard_html_footer
/dtml-if

And here is the privacy method.

dtml-call "REQUEST.set('available', 0)"
dtml-if "propertyLabel(availability) == 'private'"
dtml-call "REQUEST.set('available', 1)"
/dtml-if

dtml-call "REQUEST.set('dom', _.string.split(REQUEST.REMOTE_ADDR, '.'))"
dtml-if "dom[0] == '192'"
dtml-if "dom[1] == '168'"
dtml-call "REQUEST.set('available', 0)"
/dtml-if
/dtml-if

dtml-in PARENTS
dtml-let PARENT="_.getitem('sequence-item')"
dtml-if "PARENT.hasProperty('dehs_site_root_folder')"dtml-call
"REQUEST.set('restricted', PARENT.absolute_url())"/dtml-if
/dtml-let
/dtml-in


It's not perfect (that would be when there is nothing for the user to break
in each instance), but it's better than it was and also allows me to edit
only one privacy method to change the access rights.


  II. I think (this implies, I am not sure), that ZPublisher
  translates exceptions into HTTP response codes.
  This would mean, you could try:

In your "privacy" method:
   
   dtml-call "RESPONSE.redirect(...)"
   dtml-raise type="Redirect"/dtml-raise
   

in your other objects:

   dtml-call privacy
   ...header...
   
   ...footer...


You've lost me a bit there.  Where am I actually checking to see if the user
has access rights?

Cheers

tim


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] inserting half a dtml tag into a zclass

[Dieter Maurer]

Tim Hicks writes:
II. I think (this implies, I am not sure), that ZPublisher
translates exceptions into HTTP response codes.
This would mean, you could try:
  
  In your "privacy" method:
 
 dtml-call "RESPONSE.redirect(...)"
 dtml-raise type="Redirect"/dtml-raise
 
  
  in your other objects:
  
 dtml-call privacy
 ...header...
 
 ...footer...
  
  
  You've lost me a bit there.  Where am I actually checking to see if the user
  has access rights?
When I use "", this means something
you have provided or will fill in with application specific code.

Thus, in your privacy method:

     !-- do your checks --
  !-- you come here, when they fail --
  dtml-call "RESPONSE.redirect(...)"
  dtml-raise type="Redirect"/dtml-raise


Dieter
  


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] inserting half a dtml tag into a zclass

[Dieter Maurer]

Tim Hicks writes:
  This is a multi-part message in MIME format.
  
  --=_NextPart_000_0009_01C07071.533E96C0
  Content-Type: text/plain;
   charset="iso-8859-1"
  Content-Transfer-Encoding: quoted-printable
You are here long enough: you should know, we do not like MIME
messages.

  ... isolating privacy checks ...
  dtml-var privacy
  dtml-var standard_html_header
  dtml-var standard_html_footer
  /dtml-if

I know about 2 possible approaches:

 I. let your "privacy" method return a value (using "dtml-return")
and check it above:

dtml-if privacy
  ...header...
  ...
  ...footer...
/dtml-if

 II. I think (this implies, I am not sure), that ZPublisher
 translates exceptions into HTTP response codes.
 This would mean, you could try:

   In your "privacy" method:
  
  dtml-call "RESPONSE.redirect(...)"
  dtml-raise type="Redirect"/dtml-raise
  

   in your other objects:

  dtml-call privacy
  ...header...
  
  ...footer...


Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )