Kevin Jones wrote at 2005-8-11 08:38 -0600:
>My company site allows anonymous visitors to enter a user login
>id and password, with the Role 'CoPersonnel'. It then allows
>them to create a project page and their project info...
>All is well and good until later, when they login to edit their
>page. It works, BUT it gives them permission to edit anyone
>else's page that has the Role 'CoPersonnel'! It also seems that
>while the first login is successful, they retain an 'Anonymous
>These two reside in a "Projects" folder: login_html, acl_users.
>The individual projects are located in a "Projects" subfolder:
>Do the acl_users and login_html file have to reside in the
>individual project folder? (BTW, I got the code from "The Book
There are global and local roles.
A global role is assigned to user globally.
It applies the the complete subhierarchy governed by the
user folder which defined the user.
The subhierarchy governed by a user folder is the one
whose root contains the user folder.
If this does not give you what you need, you have two
* move the "acl_users" down (such that it governs a smaller
* use "local" roles instead of global ones.
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -