Take a look at homefolder in the trunk. You can find it here:
It does what you want to do.
On Fri, 07 Apr 2006 16:50:50 +0200, Achim Domma wrote
> Frank Burkhardt wrote:
> >> Do I understand it right, that I do not grant a permission to a principal
on a certain
> >> object instance? I only grant a permission to use a certain interface!?
> > You can either grant permissions to principals (or groups/roles) globally.
> > can be used in multiple ways:
> > * To protect Views. You can only access views you have permissions for
(e.g. <browser:page ...> )
> > * To protect attributes/methods of classes (*not objects*) (<class
> > * To define, who is allowed to modify certain attributes (<class
...><required set_schema=...> )
> I can follow to this point. That's how I understand Zope security
> until now.
> > Additionally you may grant permissions (and role memberships) on a per
object (*not per class*)
> > basis ( using e.g. the grant.html-View) which effects only a single object.
> That's what I was looking for, but don't know how to do. For I example:
> I want to let a user create an object (i.e. a message in a message
> board). All users with a certain role (i.e. Admins) should be able
> to edit the new object, but the creating user should also be able to
> edit it. So I have to give him the persmission to edit.
> How can I do something like that?
> Zope3-users mailing list
Zope3-users mailing list