[Product-Developers] best way to require Authenticated role for viewlet

Nathan Van Gheem vangheem at gmail.com
Tue Jan 27 21:25:48 UTC 2009


>
> But would you say it's the best way? Is there a permission that defines
> "being
> authenticated" more directly?
>
Great question.  I've thought about this before and kind of forgot about
it.  It is a little hairy, but what you're doing is right as far as I can
tell.  The problem lies in the fact that there is an Authenticated role
assigned to logged-in users; although, you can only assign permissions to
viewlets not roles.  The set own password permission is assigned to the
Authenticated role, so you're okay there....  Would be nice to be able to
use a logged in permission for those sort of things though wouldn't it?


On Mon, Jan 26, 2009 at 6:43 AM, Kees Hink <hink at gw20e.com> wrote:

> I've set permission="cmf.SetOwnPassword" in browser/configure.zcml for a
> viewlet
> which i want to hide from Anonymous (not logged-in) users. I found this
> permission in Products/Five/permissions.zcml, and it does what i want.
>
> But would you say it's the best way? Is there a permission that defines
> "being
> authenticated" more directly?
>
> Remarks:
> - I would like to be able to achieve it without using TAL in the template.
> - I am aware that i could also modify the view's code to include some
> logic.
> - The viewlet is a footer, which is present on all pages.
>
> Cheers,
>
> Kees
>
> _______________________________________________
> Product-Developers mailing list
> Product-Developers at lists.plone.org
> http://lists.plone.org/mailman/listinfo/product-developers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-product-developers/attachments/20090127/28caf79d/attachment.html>


More information about the Product-Developers mailing list