
lazr-users team mailing list archive

Restricting the display of some exposed fields using zope security based permissions

 

Hello:

I'm trying to use the zope security/permission model to restrict access to certain fields in an interface based on the permission of the person making the request.

I've taken a look at how Launchpad does permissions, and it's not immediately clear how to get this working.

Could you give me some pointers in how to get started...

Here's an example of what I'm trying to do:

Our exposed Account entry resource has 3 fields (everything is read-only):
    public_foo
    restricted_bar
    restricted_baz

We have 2 roles, public and restricted.

public will only display 'public_foo'

restricted will display 'public_foo', as well as 'restricted_bar', and 'restricted_baz'


Based on what I saw in Launchpad, I'd expect our ZCML to look something like this:

    <permission id="api.permissions.Public"     title="Public view (Read-only)." />
    <permission id="api.permissions.Restricted" title="Restricted view (Read-Only)." />

    <securityPolicy component="sylph.security.SecurityPolicy" />

    <class class="core_models.models.account.Account">
        <allow interface="sylph.interfaces.IAccount" />
        <require permission="api.permissions.Restricted"
                 interface="sylph.interfaces.IAccountRestricted" />
    </class>



Any suggestions would be greatly appreciated.

Thanks

Edward F. Long, Jr.
Web Developer
AWeber Communications
x748

Programmer: (n)
   1: a multi-cellular organism that can convert caffeine into computer code (see also: geek)