On Wednesday 06 September 2006 07:51, Denis Shaposhnikov wrote:
> >>>>> "Stephan" == Stephan Richter <[EMAIL PROTECTED]> writes:
>  Stephan> I think Albert's solution is okay, but I would also suggest
>  Stephan> that you should consider redirecting to a different URL for
>  Stephan> each user. Those different URLs could reflect the different
>  Stephan> skins.
> Do you mean to redirect say Administrator to `/++skin++Admin/` and
> Just-A-User to `/++skin++Just-A-User/`? That's a solution and even I
> can hide `++skin++` part by WWW proxy to URIs like just `/Admin/` and
> `/Just-A-User/`.

Yep, that would be much more desirable. Of course you could use 
z3c.pluggabletraverser to produce those URLs in Zope as well.

> But I have a question. How to prevent user of group 
> Just-A-User from accessing admin's skin for example? Can I use
> simething like
> <page
>     name="details.html"
>     permission="zope.AdminView"
>     layer="admin_layer"
>     template="admin_details.pt"/>
> and
> <page
>     name="details.html"
>     permission="zope.UserView"
>     layer="user_layer"
>     template="user_details.pt"/>
> ?

Absolutely! :-) That's the point of layers and skins!

Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training
Zope3-users mailing list

Reply via email to