You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
currently api.user.has_permission('cmf.ModifyPortalContent') returns True if logged in as Manager and False for users having the Modify portal content permission.
when i started to replace this checks with plone.api.user.has_permission i did not notice there is a problem first because i was logged in as manager user.
now our customer found out that ui elements where missing for content editors because the updated permission checks did not work properly.
this is why i'd suggest to make plone.api.user.has_permission to work with permission titles as well as ids
if that is not possible it would also help when plone.api.user.has_permission('invalid permission string', context) raises an exception if the permission is not valid (i can file another ticket for this if you agree with that)
plone.api.user.has_permission('invalid permission string', context) should raise an exception if the permission id is not valid (i can file another ticket if you agree with that)
The text was updated successfully, but these errors were encountered:
I agree we should support both writings. It is confusing enough to have those two different ways to do the same. Also, checking if the permission exists at all is a very good feature and would make problems with typos in permissions visible early.
👍 for supporting both, and for raising a ValueError or a more specific error in case no such permission is found.
I would say the same exception should be raised when this check is done for a Manager.
Is anyone up for making a PR?
currently
api.user.has_permission('cmf.ModifyPortalContent')
returnsTrue
if logged in asManager
andFalse
for users having theModify portal content
permission.problem: the method can only handle permission titles and silently fails when called with permission ids (https://github.com/zopefoundation/Products.CMFCore/blob/2.3.0/Products/CMFCore/permissions.zcml#L30)
i previously used the following code in my project:
when i started to replace this checks with
plone.api.user.has_permission
i did not notice there is a problem first because i was logged in as manager user.now our customer found out that ui elements where missing for content editors because the updated permission checks did not work properly.
this is why i'd suggest to make plone.api.user.has_permission to work with permission titles as well as ids
if that is not possible it would also help when
plone.api.user.has_permission('invalid permission string', context)
raises an exception if the permission is not valid (i can file another ticket for this if you agree with that)some pseudo-test-code:
plone.api.user.has_permission('invalid permission string', context)
should raise an exception if the permission id is not valid (i can file another ticket if you agree with that)The text was updated successfully, but these errors were encountered: