in grok I do:
@grok.subscribe(IPrincipalCreated)
def update_principal_info(event):
principal = event.principal
...
app = grok.getSite()
...
prm = IPrincipalRoleManager(app)
prm.assignRoleToPrincipal('some_role', principal.id)
somthing like this.
maybe in zope3 this is similar.
Jens
Simon Elbaz schrieb:
> Hi,
> I have a similar difficulty.
>
> In site.zcml, the role 'zope.Member' is defined and a permission is granted:
> <role id="zope.Member" title="Site Member" />
> <grant permission="zope.View"
> role="zope.Member" />
>
> How can I assign a role to a principal who is created on the fly:
> a_principal =
> zope.app.authentication.principalfolder.InternalPrincipal(login=tab[0].encode('utf-8'),
> password=tab[1].encode('utf-8'), title=a_title.encode('utf-8'),
> passwordManagerName='SHA1')
> a_auth_plugin =
> getUtility(zope.app.authentication.interfaces.IAuthenticatorPlugin,
> 'myAuthenticatorPlugin')
> role_map = IPrincipalRoleManager(a_auth_plugin)
> role_map.assignRoleToPrincipal('zope.Member', a_principal.login)
> a_auth_plugin[a_principal.title] = a_principal
>
> I verify that the role is assigned:
> interaction =
> zope.securitypolicy.zopepolicy.ZopeSecurityPolicy()
> print interaction.checkPermission(a_principal, a_auth_plugin)
>>>> True
>
> But when I want to access the page defined below, it returns 'Unauthorized':
> <page
> name="login.html"
> for="zope.app.folder.interfaces.IFolder"
> permission="zope.View"
> layer="cdcadama.layer.ICdcadamaBrowserLayer"
> class=".login.LoginAddForm"
> />
>
> Thanks for your help
> Simon
>
>
> On Tue, May 12, 2009 at 12:34 PM, Massimiliano della Rovere
> <massimiliano.dellarov...@gmail.com
> <mailto:massimiliano.dellarov...@gmail.com>> wrote:
>
> I had a similar problem.
> My mistake was that I forgot the application prefix in the
> event.principal.id <http://event.principal.id>. (so instead of user
> app.XYZ I used only XYZ, which
> was not found in the PrincipalFolder).
>
>
> On Tue, May 12, 2009 at 12:18, Thierry Florac <thierry.flo...@onf.fr
> <mailto:thierry.flo...@onf.fr>> wrote:
> > Le mardi 12 mai 2009,
> > paftek <paf...@gmail.com <mailto:paf...@gmail.com>> a écrit :
> > ======================================================================
> >> I created a Role and a Permission affected to it :
> >> <role id="app.User" title="Utilisateur" />
> >> <permission id="app.Auth" title="Utilisateur authentifié" />
> >> <grant permission="app.Auth" role="app.User" />
> >>
> >> My users are store in a PostgreSQL database, not in the ZODB.
> >> I use the Zope authentication system to return a PrincipalInfo
> when an
> >> user log in.
> >>
> >> I do not know how to assign my "app.User" Role to the Principal who
> >> log in. I tried the following, without success :
> >>
> >> @adapter(IAuthenticatedPrincipalCreated)
> >> def setPermission(event):
> >> role_map = IPrincipalRoleManager(getSiteManager())
> >> role_map.assignRoleToPrincipal('app.User', event.principal.id
> <http://event.principal.id>)
> > ======================================================================
> >
> > Hi,
> >
> > What do you mean when you say "without success" ?
> > What do you get when you look at the "@@grant.html" view over your
> > context ??
> >
> > Thierry
> > --
> > Chef de projets intranet/internet
> > Office National des Forêts - Département Informatique
> > 2, Avenue de Saint-Mandé
> > 75570 Paris Cedex 12
> > Tél. : 01 40 19 59 64
> > Fax. : 01 40 19 58 85
> > Mél. : thierry.flo...@onf.fr <mailto:thierry.flo...@onf.fr>
> > Web. : http://www.onf.fr
> >
> > _______________________________________________
> > Zope3-users mailing list
> > Zope3-users@zope.org <mailto:Zope3-users@zope.org>
> > http://mail.zope.org/mailman/listinfo/zope3-users
> >
> _______________________________________________
> Zope3-users mailing list
> Zope3-users@zope.org <mailto:Zope3-users@zope.org>
> http://mail.zope.org/mailman/listinfo/zope3-users
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Zope3-users mailing list
> Zope3-users@zope.org
> http://mail.zope.org/mailman/listinfo/zope3-users
_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
