Tim Evans wrote at 2005-4-5 16:23 -0500:
>The company I work for would like to provide documents to clients via
>the web, and only allow one particular client (or group of users from
>the same client) access to those documents. I don't want any user to
>be able to detect the presence of any other user.
Then you must be quite strict with the permissions you grant
You should read about Zope's security system in the Zope Book
(2.6/2.7 edition, online).
> I essentially want
>several "sites", one for each client, with a group of administrative
>users responsible for maintaining these sites and publishing content
>to all of them.
You implement each site in a "Folder" with its own "acl_users"
(a so called UserFolder). Then users defined in such a folder
can only see access methods of objects outside this folder
when such access is granted to "Anonymous".
You defined your administrators in the global "acl_users".
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -