Hi,
what is Zope supposed to do, when there are conflicting security annotations
applied to an object?
I'd like to make an object inaccessible - except for members of a given role.
This is how it should look like:
grantPermissionToRole('zope.View','role.admins',Allow)
denyPermissionToRole('zope.View','zope.Anybody',Deny)
Is this possible? If not, why? Maybe there's a more elegant solution?
'zope.Anybody' is defined as a "group" in etc/principals.zcml. Can I
use it like a role?
Is there a role, any anonymous user *and* any authenticated user is
automagically assigned to?
Thank you for any help.
Regards,
Frank
_______________________________________________
Zope3-users mailing list
[email protected]
http://mail.zope.org/mailman/listinfo/zope3-users
