- Original Message -
From: Dieter Maurer [EMAIL PROTECTED]
To: Tim Hicks [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, December 29, 2000 9:38 AM
Subject: Re: [Zope] inserting half a dtml tag into a zclass
Tim Hicks writes:
This is a multi-part message in MIME format.
--=_NextPart_000_0009_01C07071.533E96C0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
You are here long enough: you should know, we do not like MIME
messages.
My apologies. You're right, I do know better... my mistake. Also, apologies
for the delayed reply, I've been away.
... isolating privacy checks ...
dtml-var privacy
dtml-var standard_html_header
dtml-var standard_html_footer
/dtml-if
I know about 2 possible approaches:
I. let your "privacy" method return a value (using "dtml-return")
and check it above:
dtml-if privacy
...header...
...
...footer...
/dtml-if
I've gone for a 'method' based on this first idea of yours. Here is what
appears in each zclass instance.
dtml-call privacy
dtml-if "available == 1"
dtml-call "RESPONSE.redirect(restricted+'/restricted.html')"
dtml-else
dtml-var standard_html_header
dtml-var standard_html_footer
/dtml-if
And here is the privacy method.
dtml-call "REQUEST.set('available', 0)"
dtml-if "propertyLabel(availability) == 'private'"
dtml-call "REQUEST.set('available', 1)"
/dtml-if
dtml-call "REQUEST.set('dom', _.string.split(REQUEST.REMOTE_ADDR, '.'))"
dtml-if "dom[0] == '192'"
dtml-if "dom[1] == '168'"
dtml-call "REQUEST.set('available', 0)"
/dtml-if
/dtml-if
dtml-in PARENTS
dtml-let PARENT="_.getitem('sequence-item')"
dtml-if "PARENT.hasProperty('dehs_site_root_folder')"dtml-call
"REQUEST.set('restricted', PARENT.absolute_url())"/dtml-if
/dtml-let
/dtml-in
It's not perfect (that would be when there is nothing for the user to break
in each instance), but it's better than it was and also allows me to edit
only one privacy method to change the access rights.
II. I think (this implies, I am not sure), that ZPublisher
translates exceptions into HTTP response codes.
This would mean, you could try:
In your "privacy" method:
dtml-call "RESPONSE.redirect(...)"
dtml-raise type="Redirect"/dtml-raise
in your other objects:
dtml-call privacy
...header...
...footer...
You've lost me a bit there. Where am I actually checking to see if the user
has access rights?
Cheers
tim
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )