Archived community.zenoss.org | full text search
Skip navigation
2285 Views 3 Replies Latest reply: Oct 14, 2011 7:09 AM by jcurry RSS
jcurry ZenossMaster 1,021 posts since
Apr 15, 2008
Currently Being Moderated

Sep 19, 2011 3:33 PM

Overriding permissions in Core zcml files

Is there any way for a ZenPack to override the security tags in Core-provided zcml files?

 

For example, $ZENHOME/ZenUI3/browser/navigation.zcml has:

 

<browser:viewlet
    name="Reports"
    url="/zport/dmd/reports"
    subviews="/zport/dmd/Reports"
    weight="4"
    manager="..navigation.interfaces.IPrimaryNavigationMenu"
    class="..navigation.menuitem.PrimaryNavigationMenuItem"
    permission="zenoss.View"
    layer="..navigation.interfaces.IZenossNav"
    />

 

 

I want:

<browser:viewlet
    name="Reports"
    url="/zport/dmd/reports"
    subviews="/zport/dmd/Reports"
    weight="4"
    manager="..navigation.interfaces.IPrimaryNavigationMenu"
    class="..navigation.menuitem.PrimaryNavigationMenuItem"
    permission="zenoss.Common"
    layer="..navigation.interfaces.IZenossNav"
    />

 

 

Cheers,

Jane

  • Chet Luther ZenossEmployee 1,302 posts since
    May 22, 2007
    Currently Being Moderated
    1. Sep 22, 2011 1:05 PM (in response to jcurry)
    Re: Overriding permissions in Core zcml files

    It turns out that there's a very simple answer to this problem, and others like it. It's called overrides.zcml. Instead of putting that viewlet definition in configure.zcml, put it into a file called overrides.zcml. I just tested this, and it worked like a charm.

  • Chet Luther ZenossEmployee 1,302 posts since
    May 22, 2007
    Currently Being Moderated
    2. Oct 11, 2011 10:53 AM (in response to jcurry)
    Re: Overriding permissions in Core zcml files

    Apparently my last update wasn't complete for this case. Using overrides.zcml alone results in the Reports primary navigation being unavailable to anyone, even users with the Manager role.

     

    We need to define another skin layer to set custom permissions on the navigation items. Here's what I did within my ZenPack to make the Reports top-level navigation only available to users with the Manager role.

     

    configure.zcml (primary)

    <?xml version="1.0" encoding="utf-8"?>

    <configure

        xmlns="http://namespaces.zope.org/zope"

        xmlns:browser="http://namespaces.zope.org/browser">

     

        <include package=".browser"/>

     

        <interface

            name="sandboxSkin"

            interface=".interfaces.ISandboxSkin"

            type="zope.publisher.interfaces.browser.IBrowserSkinType"

            />

     

        <browser:viewlet

            name="Reports"

            url="/zport/dmd/reports"

            subviews="/zport/dmd/Reports"

            weight="4"

            manager="Products.ZenUI3.navigation.interfaces.IPrimaryNavigationMenu"

            class="Products.ZenUI3.navigation.menuitem.PrimaryNavigationMenuItem"

            permission="zenoss.ManageDMD"

            layer="ZenPacks.cluther.Sandbox.interfaces.ISandboxSkin"

            />

     

    </configure>

     

    overrides.zcml

    <configure xmlns="http://namespaces.zope.org/browser">

        <defaultSkin name="sandboxSkin"/>

    </configure>

     

    interfaces.py

    from Products.ZenUI3.navigation.interfaces import IZenossNav

     

    class ISandboxSkin(IZenossNav):

        """

        Marker interface for sandbox nav layer

        """

More Like This

  • Retrieving data ...

Legend

  • Correct Answers - 4 points
  • Helpful Answers - 2 points