Terry Kerr wrote:
authorisation. Authentication is relatively easy and can be implemented
using an out of the box product such as exUserFolder, or something I
hack up myself.
Please use SUF, much simpler for this kind of thing ;-)
Another approach maybe to implement the authorization at the database
level by using GRANT, REVOKE, rules on tables, functions, views, etc.
If the Zope database connector could connect as the authenticated user,
then the rules would apply.
I'd subclass the DA you end up using to get this behaviour...
Simplistix - Content Management, Zope & Python Consulting
Zope-DB mailing list