[Product-Developers] Partial Manager Role

Brayton Osgood braytonosgood at gmail.com
Thu Aug 7 02:03:33 UTC 2008


Hi,

I'm trying to create a partial manager role (Admin) that will have the  
ability to do a little site management (add users, set skins, maybe  
something else). I've created the role and imported it through Generic  
Setup, but I'm having some trouble with the permissions.

In rolemap.xml, I've given the "Manage users" permission to the Admin  
role.
In actions.xml, I've added "Manage users" to the property  
"permissions" in the "plone_setup" object.

This works in the sense that if I go to http://localhost/prefs_users_overview 
  as an Admin I'm allowed to access the page and register new users. I  
also get the "Site Setup" link added to my portal-siteactions viewlet  
in the header.

The problem I'm having is when I click on the "Site Setup" link. I get  
an authentication error which basically says I'm not allowed to access  
'coreVersions' in this context. My error message is below:

Request URL  	http://devel.digiyou.com/plone_control_panel
Exception Type 	Unauthorized
Exception Value 	You are not allowed to access 'coreVersions' in this  
context
...

Module zope.tales.tales, line 696, in evaluate
URL: file:/opt/Plone-3.1.2-brayt/zeocluster/parts/plone/CMFPlone/skins/ 
plone_prefs/plone_control_panel.pt
Line 28, Column 4
Expression: <PathExpr standard:u'mt/coreVersions'>
Names:

{'container': <PloneSite at /Brayton>,
  'context': <PloneSite at /Brayton>,
  'default': <object object at 0xb7cba528>,
  'here': <PloneSite at /Brayton>,
  'loop': {},
  'nothing': None,
  'options': {'args': ()},
  'repeat': <Products.PageTemplates.Expressions.SafeMapping object at  
0xb16f49cc>,
  'request': <HTTPRequest, URL=http://localhost/plone_control_panel>,
  'root': <Application at >,
  'template': <FSPageTemplate at /Brayton/plone_control_panel>,
  'traverse_subpath': [],
  'user': <PloneUser 'admin3'>}

I tried copying MigrationTool.py to my product directory and added the  
following line above the definition of coreVersions:
     security.declareProtected(ManageUsers, 'coreVersions')

It doesn't seem to make any difference.

Any suggestions? Is there a better way to create a partial manager?  
I'd prefer to do it on the filesystem and not through the ZMI.

Thanks much,

Brayton

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-product-developers/attachments/20080806/a611cd01/attachment-0002.html>


More information about the Product-Developers mailing list