On Wed, 19 Jul 2000, Jephte CLAIN wrote:
> I have the scenario where a user can edit *its* data but not other
> users's data, unless he has a special role. however, the method used to
> edit one's data is the same.
> So I make sure inside the edit_data method that the user has the
> adequate permissions if he tries to edit another one's data.

   Make edit_data unpublishable (remove docstring, rename it to _edit_data)
and write two wrappers for it - one for own data, one for other's data.
Protect these wrappers with different sets of permissions.

Oleg.            (All opinions are mine and not of my employer)
---- 
    Oleg Broytmann      Foundation for Effective Policies      [EMAIL PROTECTED]
           Programmers don't die, they just GOSUB without RETURN.


_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to