I'm trying to allow users to delete objects that have been accidentally
created. I have criteria for what that means, but since I *DO NOT* want
them to delete object except by this method, I want to avoid granting
"Delete objects" to them (non-Managers).
Can this even be done? At the base level, "Delete objects" is a
hard-coded requirement of the ObjectManager.manage_delObjects() function.
One solution that I considered is to create a new role with the
privilege, then within my ExternalMethod:
- grant the role to the user for the folder,
- delete the object,
- remove the role for that user for the folder
But this seems overly tedious, and a problem if the script terminates
before removing the role. Similarly, it could use the Manager role in
the same scenario, but this seems dangerous.
Any insights appreciated,
PS: This seems on-topic, but using the code shown did not seem to have
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -