2009/2/12 Thierry Florac <thierry.flo...@onf.fr>:
> Le jeudi 12 février 2009 à 17:50 +0100, Sebastian Bartos a écrit :
>> I'm struggling with some Zope 3 startup code. I registered a user like
>> this for the Session Credentials plugin and login form stuff:
>>
>> ...
>>
>>     def create(self, data):
>>         site = getSite()
>>         sm = site.getSiteManager()
>>
>>         if sm.has_key('auth'):
>>             return "Site is already set up"
>>
>>         pau = Pluggableauth()
>>         sm['auth'] = pau
>>         sm.registerUtility(pau, Iauth)
>>         users = PrincipalFolder()
>>         sm['auth']['Users'] = users
>>         sm.registerUtility(users, IAuthenticatorPlugin, name="Users")
>>         pau.authenticatorPlugins = (users.__name__, )
>>         pau.credentialsPlugins = ("No Challenge if Authenticated",
>>                                   "Session Credentials")
>>
>>         user = InternalPrincipal("user", "foo", "user",
>>                                  passwordManagerName="SHA1")
>>         users["user"] = user
>>        principalPermissionManager.grantAllPermissionsToPrincipal("user")
>
>
> To run code automatically at application startup, I think that you
> should have a look at the IDatabaseOpenedWithRootEvent (defined in
> zope.app.appsetup.interfaces).
> I use this event to check a set of persistent database utilities at
> application startup, and it works fine.

Also, zope.securitypolicy provides a way to store location-based
grants. Just adapt your site object to IPrincipalRoleManager or to
IPrincipalPermissionManager (defined in zope.security.interfaces) and
use its methods to allow/deny roles/permissions to some principal ID.
It will handle the actual storing work. Child objects will inherit
parent's settings until they have their own local settings.

-- 
WBR, Dan Korostelev
_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to