leandros van den berg wrote:
I'm having trouble with the precondition field of a fileobject. I've got a fileobject (a PDF-file) and its precondition field states myPrecondition, which is a DTML Method and its code is:


This is insane...

Situation II:
- User with Bobo-role logs in and opens the PDF-file by entering its URL in the browser and the file is being displayed.
- Close browser.
- User without Bobo-role logs in and opens the PDF-file by entering its URL in the browser and the file is being displayed.

Not so good. The user without Bobo-role in situation II should get a login screen. Apparently because the file is in the browser cache, the user is authenticated.

No. The file is in the browser cache, so the cached version is returned to the user. This has nothing to do with authentication. You need to look at ways (ie: response headers, etc) to tell the browser not to cache this file, if that's what you really want...

Note: Using the security setting and assigning roles is not an option because the fileobject is recreated every night.

Rubbish. Two options:

- don't recreate the file each night, just edit its contents.

- when you recreate the file, set the role to permission mapping in the same lump of code.

cheers,

Chris

--
Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to