Chris Withers <[EMAIL PROTECTED]> wrote:
> AccessControl.User.BasicUserFolder defines:
>
> def authorize(self, user, accessed, container, name, value, roles):
>
> what is 'roles' in this context?
>
> I'm working on a new release of SUF. I'd like to provide a scriptable method
> which can
> decide what roles a user has at a given location.
>
> Ideally this would look something like:
>
> roles_def= {
> '/folder/object': {'chris':['Manager'],
> 'fred':['Anonymous']}
> }
>
> def getUserDetails(self,name,object):
>
> return {
> 'password':'apassword',
> 'roles':roles_def[object.absolute_url()][name]
> }
>
> Would 'authorize' be the correct place to plug this in?
No, it wouldn't.
You'd have to modify the places where roles are computed for a given
location: 'getRolesInContext' and 'allowed'. This is not completely
factored out for efficiency reasons.
Basically, these are the two places that check __ac_local_roles__, going
up the hierarchy.
Florent
--
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87 http://nuxeo.com mailto:[EMAIL PROTECTED]
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
