-----BEGIN PGP SIGNED MESSAGE-----
> Is it true that even though a user Role like 'author' is defined at zope
> root that users defined lower in the hierarchy *also* with role
> 'author' cannot access objects at root with role 'author' and
> permissions of view and access?
> The online zope book seems to say so.
> If so, couldn't we have some extra attribute to a role like "upwardly
> mobile"? (I want to share a code base for several folders sub-folders
> and I do not wanta to give it anonymous access).
The "scope" of a user's roles is limited to the folder containing her
user folder. The usual way to accomplish what you are asking for is to
have a single user folder at the highest scope which needs protecting,
and hav it grant users a role (you might even use 'Authenticated') which
you use to protect the shared resources.
You would then grant them *local* roles on the subfolders, giving them
Tres Seaver +1 202-558-7113 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -