DZone Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world

Snippets has posted 5883 posts at DZone. View Full User Profile

Check That A User Has Permission On All Parents In Zope

07.19.2005
| 4959 views |
  • submit to reddit
        If you need to be sure that a user can view an object, you need to check the View permission not only on the object but also all of its parents.  To do this, I slightly modified the script at http://zopelabs.com/cookbook/1018022911 so that it uses the context object and specified the View permission.

Create a Python script in your acquisition path (I used portal_skins/custom) named can_view and paste in this code:
permission = "View"
try:
  object=context
  if not object.acquiredRolesAreUsedBy( permission ):
    for p in object.rolesOfPermission( permission ):
      if p['selected']:
        if p['name'] in user.getRoles():
          return 1
  else:
   return 1
except:
    pass
return 0
Then you can check the permission in TAL like this:

<div tal:condition="some_object/can_view">
  ...
</div>