[Product-Developers] Setting localroles for groups, but having problems with permissions.

Noe Nieto nnieto at noenieto.com
Thu Sep 15 05:05:10 UTC 2011

I'm developing a Plone4 site that relies heavily on localroles,and workflow.

I have a 'Student' role which is given a 'Read book' permission by workflow
(When a object is published).
Then I use obj.manage_setLocalRoles() and obj.manage_delLocalRoles() to
switch on and off the 'Read Book' permission.
There are some views that require the 'Read book' permission and also use
SecurityManager's checkPermission() to find out if that permission has been

The idea is that the only way to gain the 'Read book' permission is by being
part of a group. So I'm using obj.manage_setLocalRoles('group-id',
['Student']) to grant that permission to all members of this group, however
the permisson is not being granted (access denied to views and
checkPermission() evaluates to false.

How do you grant local roles manually to a group?

I'm already using zopyx.plone.cassandra to get permission reports.
I'm not interested right now in using the @@roles view.

Noe Nieto
NNieto Consulting Services
M: nnieto at noenieto.com
W: http://noenieto.com
T:  @tzicatl <https://twitter.com/#%21/tzicatl>
Li: Perfil en LinkedIn <http://www.linkedin.com/profile/view?id=84300665>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plone.org/pipermail/plone-product-developers/attachments/20110915/378e3587/attachment.html>

More information about the Product-Developers mailing list