On 10/18/05, Chris Crownhart <[EMAIL PROTECTED]> wrote:
> Good day,
> I am wondering if/how I could control the permissions on an object based
> on the value of an attribute.
> So, as an example, I have multiple users, and multiple values for the
> category field.  I would like User A to access the object if the
> category ='financial', and User B access the object if the
> category='other'.

If, as Mark asked, different users with different access privileges
have different roles, then how about writing a condition (TALES
expression) for the View action of your content type? Something along
the lines of

python: member and (member.has_role('Accountant') and
context.category=='financial') or (member.has_role('Editor') and

Don't quote me on the exact expression, though, you should test that.

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to