As part of a workflow, I evaluate whether the user has the 'Modify
portal content' permission as follows:
from CMFCore.permissions import ModifyPortalContent
from CMFCore.utils import _checkPermission
can_edit = _checkPermission(ModifyPortalContent, ob)
where ob is the object I am talking about.
The object is in a users' home folder in a CMF Site - so it's at
On the members folder I have set any user with Owner permission to have
the ModifyPortalContent permission, and to not acquire permissions. On
the user folder, I have set the user to have a local role of owner. All
permissions on <object> are acquired.
Now, when I call the actions tool from within a dtml template (okay, i
may be the only person still using dtml but bear with me) logged in as
<user>, the workflow thinks that I cannot edit the item. If I try the
same thing from the debug prompt (zopectl debug + log in as this user)
it thinks I do have permission.
I stepped through the code and somehow it thinks the user 'admin' is the
owner. I think this is being acquired from somewhere (not sure where).
I added the line _owner = None at the class level in
CMFCore.DTMLMethod (analagous to that in CMFCore.FSPythonScript) and
everything worked correctly but I'm confused.
Can anyone shed any light on what's going on? Although my fix made
everything work properly, I don't know _why_ for certain - is this a bug
in FSDTMLMethod that no-one has noticed until now, is it just
coincidence this fixed it, or what?!
Zope-CMF maillist - Zope-CMF@lists.zope.org
See http://collector.zope.org/CMF for bug reports and feature requests