Achim,

Take a look at homefolder in the trunk.  You can find it here:

http://svn.zope.org/Zope3/trunk/src/zope/app/homefolder/

It does what you want to do.

On Fri, 07 Apr 2006 16:50:50 +0200, Achim Domma wrote
> Frank Burkhardt wrote:
> 
> >> Do I understand it right, that I do not grant a permission to a principal
on a certain 
> >> object instance? I only grant a permission to use a certain interface!?
> 
> > You can either grant permissions to principals (or groups/roles) globally.
Those permissions
> > can be used in multiple ways:
> >    * To protect Views. You can only access views you have permissions for
(e.g. <browser:page ...> )
> >    * To protect attributes/methods of classes (*not objects*) (<class
...><required interface=...>)
> >    * To define, who is allowed to modify certain attributes (<class
...><required set_schema=...> )
> 
> I can follow to this point. That's how I understand Zope security 
> until now.
> 
> > Additionally you may grant permissions (and role memberships) on a per
object (*not per class*)
> > basis ( using e.g. the grant.html-View) which effects only a single object.
> 
> That's what I was looking for, but don't know how to do. For I example:
> 
> I want to let a user create an object (i.e. a message in a message 
> board). All users with a certain role (i.e. Admins) should be able 
> to edit the new object, but the creating user should also be able to 
> edit it. So I have to give him the persmission to edit.
> 
> How can I do something like that?
> 
> regards,
> Achim
> 
> _______________________________________________
> Zope3-users mailing list
> Zope3-users@zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users

_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to