[Product-Developers] controlling allowed content types inside folderish
Raphael Ritz
r.ritz at biologie.hu-berlin.de
Thu Dec 1 09:35:46 UTC 2011
On 11/30/11 5:07 PM, Maarten Nieber wrote:
>> http://stackoverflow.com/questions/7766731/restrict-content-types-on-
> dexterity-documents might show you one way to do this,
>>
>> Raphael
>>
>
> Hi Raphael,
>
> thanks for the suggestion. I tried to follow it by:
>
> 1. going to the page (called Marketing) in which I want to finetune the
> permissions (using my Manager account), open a debugger with the pdb view, and
> executed
>
> section.manage_permission("Modify portal content", roles=['Manager'], acquire=0)
> import transaction; transaction.commit()
>
> 2. Restarted plone, reloaded the Marketing page, entered into the pdb view, and
> checked that Site Administrator no longer has Modify portal content permissions.
>
> ipdb> [x['name'] for x in section.permissionsOfRole('Site Administrator') if
> x['selected']]
> ['Access contents information', 'Change portal events', 'View']
>
> 3. Then I switched to a Site Administrator account, visited another random page,
> copied it with the Copy action menu item, and returned to the Marketing page of
> step 1. In the action menu I can now Paste the item.
>
> I wonder why I am allowed to paste something into the Marketing item when my
> account has no Modify portal content permissions there.
Add (or paste) is controlled by the "Add portal content" and potentially
by a type specific add permission not "Modify portal content".
Raphael
PS: sometimes it really hurts that the 'security' tab is suppressed
on most content items in ZMI ...
More information about the Product-Developers
mailing list