Within a python file I do a call to thread.start_new_thread(...). Before this call, I am the admin user (verified by calling AccessControl.getSecurityManager().getuser().getUserName()). After the call, however, in the new thread, the user is now "Anonymous User".
Is there any way to somehow "pass" the user between threads because the code executed in the new thread needs the same permissions as the code executed in the old thread? I can obviously pass the user name to the new thread, but I'm not sure if that does me any good, because I doubt an Anonymous User would have permission to make itself another user.
Any hints or suggestions would be appreciated.
Given that you trust yourself ;), you can add a security context from within the second thread; you could pass the user ID to the thread via one of several forms of "currying", e.g. via instance variables::
def __init__(self, user_id): self._user_id = user_id
def __call__(self, *args, **kw): sm = getSecurityManager() sm.newSecurityContext(None, User(self._user_id)) # your code here .....
thread = Thread(TrustedSecurityTask(user_id)) thread.start()
Tres. -- =============================================================== Tres Seaver [EMAIL PROTECTED] Zope Corporation "Zope Dealers" http://www.zope.com
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce