On 10/18/05, Chris Crownhart <[EMAIL PROTECTED]> wrote: > Good day, > > I am wondering if/how I could control the permissions on an object based > on the value of an attribute. > > So, as an example, I have multiple users, and multiple values for the > category field. I would like User A to access the object if the > category ='financial', and User B access the object if the > category='other'.
If, as Mark asked, different users with different access privileges have different roles, then how about writing a condition (TALES expression) for the View action of your content type? Something along the lines of python: member and (member.has_role('Accountant') and context.category=='financial') or (member.has_role('Editor') and context.category=='other') Don't quote me on the exact expression, though, you should test that. Rob _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )