Cliff Williams wrote:
If I decide that on a particular type I don't want certain fields to be
visible to anonymous users and then write a 'perferred_view.pt'; Is
there any way to prevent the user from seeing everything by appending
'/base_view'?
I've noticed that a few packages have custom templates that check
whether the user is a member or has been authenticated and I've been
able to get around them by just adding /base_view at the end of the url.
I'd like to be able to "lock down" the fields that are visible to
various user groups/roles/classes.
This is best done by specifying the 'read_permission' on
the field in the schema declaration.
(Yes, you need to patch or subclass to modify this)
Raphael
TIA
--Cliff
_______________________________________________
Setup mailing list
[email protected]
http://lists.plone.org/mailman/listinfo/setup
