Chris Withers <[EMAIL PROTECTED]> wrote: > AccessControl.User.BasicUserFolder defines: > > def authorize(self, user, accessed, container, name, value, roles): > > what is 'roles' in this context? > > I'm working on a new release of SUF. I'd like to provide a scriptable method > which can > decide what roles a user has at a given location. > > Ideally this would look something like: > > roles_def= { > '/folder/object': {'chris':['Manager'], > 'fred':['Anonymous']} > } > > def getUserDetails(self,name,object): > > return { > 'password':'apassword', > 'roles':roles_def[object.absolute_url()][name] > } > > Would 'authorize' be the correct place to plug this in?
No, it wouldn't. You'd have to modify the places where roles are computed for a given location: 'getRolesInContext' and 'allowed'. This is not completely factored out for efficiency reasons. Basically, these are the two places that check __ac_local_roles__, going up the hierarchy. Florent -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 87 http://nuxeo.com mailto:[EMAIL PROTECTED] _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )