Toby Gustafson wrote:

   Within a python file I do a call to thread.start_new_thread(...).
Before this call, I am the admin user (verified by calling
AccessControl.getSecurityManager().getuser().getUserName()).  After the
call, however, in the new thread, the user is now "Anonymous User".

   Is there any way to somehow "pass" the user between threads because the
code executed in the new thread needs the same permissions as the code
executed in the old thread?  I can obviously pass the user name to the new
thread, but I'm not sure if that does me any good, because I doubt an
Anonymous User would have permission to make itself another user.

Any hints or suggestions would be appreciated.

Given that you trust yourself ;), you can add a security context from within the second thread; you could pass the user ID to the thread via one of several forms of "currying", e.g. via instance variables::

class TrustedSecurityTask:

     def __init__(self, user_id):
         self._user_id = user_id

     def __call__(self, *args, **kw):
         sm = getSecurityManager()
         sm.newSecurityContext(None, User(self._user_id))
         # your code here .....

   thread = Thread(TrustedSecurityTask(user_id))

Tres. -- =============================================================== Tres Seaver [EMAIL PROTECTED] Zope Corporation "Zope Dealers"

Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - )

Reply via email to