Ok. Thanx. But why is it like this? I imagine that deleting an object in a folder where I do not have permission to delete every object, or the folder itself, is a quite common task. Using the manage_delObjects and a proxy really feels like I'm fighting the zope security instead of getting support by it.
Or am I thinking wrong in the first place? What I really want to do is letting users answer a question object and the answers should be stored somewhere. A user must later be able to change or remove his answer, but of course not the answers of any other user. I place all answers objects belonging to a certain question in one folder, and I have the previously mentioned situation.
I know it is not that much of a problem to use a proxy, but if I can change my design in some way so can avoid the proxy I imagine that would be better./Erik
--On 18. April 2006 14:15:48 +0200 Erik Billing <[EMAIL PROTECTED]> wrote:
> I want to create a python script that deletes a specific file from a
> folder. For now, the user who is calling the script does not have the
> Delete objects permission on the folder, only the file which he should be
> able to delete. I have previously used the delObjects method on the
> folder to remove the file, but this requires the Delete obejcts
> permission on the folder itself.
folder.manage_delObjects() is the only API method you should use.
If your script needs additional permissions you must give the script
the proxy role Manager.
ZOPYX Ltd. & Co. KG - Charlottenstr. 37/1 - 72070 Tübingen - Germany
Web: www.zopyx.com - Email: [EMAIL PROTECTED] - Phone +49 - 7071 - 793376
E-Publishing, Python, Zope & Plone development, Consulting
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )