Achim, Take a look at homefolder in the trunk. You can find it here:
http://svn.zope.org/Zope3/trunk/src/zope/app/homefolder/ It does what you want to do. On Fri, 07 Apr 2006 16:50:50 +0200, Achim Domma wrote > Frank Burkhardt wrote: > > >> Do I understand it right, that I do not grant a permission to a principal on a certain > >> object instance? I only grant a permission to use a certain interface!? > > > You can either grant permissions to principals (or groups/roles) globally. Those permissions > > can be used in multiple ways: > > * To protect Views. You can only access views you have permissions for (e.g. <browser:page ...> ) > > * To protect attributes/methods of classes (*not objects*) (<class ...><required interface=...>) > > * To define, who is allowed to modify certain attributes (<class ...><required set_schema=...> ) > > I can follow to this point. That's how I understand Zope security > until now. > > > Additionally you may grant permissions (and role memberships) on a per object (*not per class*) > > basis ( using e.g. the grant.html-View) which effects only a single object. > > That's what I was looking for, but don't know how to do. For I example: > > I want to let a user create an object (i.e. a message in a message > board). All users with a certain role (i.e. Admins) should be able > to edit the new object, but the creating user should also be able to > edit it. So I have to give him the persmission to edit. > > How can I do something like that? > > regards, > Achim > > _______________________________________________ > Zope3-users mailing list > [email protected] > http://mail.zope.org/mailman/listinfo/zope3-users _______________________________________________ Zope3-users mailing list [email protected] http://mail.zope.org/mailman/listinfo/zope3-users
