You are not logged in Log in Join
You are here: Home » Zope Documentation » How-To » Detecting User Roles in DTML
Log in
Name

Password

 
Link icon Forgot your password?
Print

Detecting User Roles in DTML

Created by . Last modified on 2003/08/01.

You may want to customize the look and feel of a page based on the roles of the user viewing it. How can this be done in DTML?

You can find out if a user has a role with a User object's has_role method: 

  <!--#if "AUTHENTICATED_USER.has_role('somerole')"-->
  ...
  <!--#/if-->

Note: AUTHENTICATED_USER is the user who is currently viewing a page. This user may be the Anonymous user if they have not logged in.

Note: You may also pass a list of roles to has_role.

Zope 2 introduced the notion of local roles which complicates things a little. It is possible to have different roles for different objects. So if I am a Manager I may also have a local role of Owner on a Folder.

To get the real roles that the user has in the context of a given object (which takes into account local roles given in that object and in other object higher up in the hierarchy), you need to also pass in an object for context. For example: 

  <!--#if "AUTHENTICATED_USER.has_role('Owner',this())"-->
  You own this Folder.
  <!--#/if-->

Note: this() returns the object on which a DTML method is being run.

You can also test for permissions on objects like so: 

  <!--#if "AUTTHENTICATED_USER.has_permission('View',someObject)"-->
  ...
  <!--#/if-->

Using permissions rather than role will tell you if a user is authorized to perform a give action on a given object.
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)