You are not logged in Log in Join
You are here: Home » Members » jim » ZopeSecurity » Zope-2.1.6-Policy
Log in
Name

Password

 
Link icon Forgot your password?
 
Print

History for Zope-2.1.6-Policy

??changed:
-
Example policy: DTML (Zope 2.1.6)

  - If an access name begins with 'aq_', then access is always
    allowed if the name is 'aq_parent' or 'aq_explicit' and always
    disallowed otherwise.

  - If an accessed value doesn't have a '__roles__' attribute and
    the place it came from doesn't have and can't acquire a
    '__roles__' attribute, then access is denied if the
    value was acquired and denied otherwise.

    MichelP -- I'm not sure if this is clear Jim, or is the       double negative a typo?

  For brevity, define 'roles' to be the accessed value's
  '__roles__', if present or the (possibly acquired) '__roles__'
  of the object the accessed value came from.

  - If the AUTHENTICATED_USER has any of the roles or the
    outermost DTML methods's proxy roles include any of the     roles,
    then access is granted, otherwise, access is denied.
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)