You are not logged in Log in Join
You are here: Home » Members » jim » ZopeSecurity » Zope-2.1.6-Policy » wikipage_view
Log in
Name

Password

 
Link icon Forgot your password?
 
Print

Zope-2.1.6-Policy

Example policy: DTML (Zope 2.1.6)

  • If an access name begins with aq_, then access is always allowed if the name is aq_parent or aq_explicit and always disallowed otherwise.
  • If an accessed value doesn't have a __roles__ attribute and the place it came from doesn't have and can't acquire a __roles__ attribute, then access is denied if the value was acquired and denied otherwise.
    MichelP?
    I'm not sure if this is clear Jim, or is the double negative a typo?

For brevity, define roles to be the accessed value's __roles__, if present or the (possibly acquired) __roles__ of the object the accessed value came from.

  • If the AUTHENTICATED_USER has any of the roles or the outermost DTML methods's proxy roles include any of the roles, then access is granted, otherwise, access is denied.
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)