http://developer.plone.org/reference_manuals/external/plone.app.dexterity/advanced/permissions.html

In the documentation, I see this,

Note All permissions need to be defined before the line in configure.zcml. Otherwise, you may get errors trying to use the permission with a grok.require() directive. The permissions.zcml file looks like this:

<configure
    xmlns="http://namespaces.zope.org/zope"
    i18n_domain="example.conference">

    <permission
        id="example.conference.AddSession"
        title="example.conference: Add session"
        />

    <permission
        id="example.conference.ModifyTrack"
        title="example.conference: Modify track"
        />

</configure>

New permissions are granted to the Manager role only by default. To set a different default, we can use the rolemap.xml GenericSetup import step, which maps permissions to roles at the site root.

In profiles/default/rolemap.xml, we have the following:

<?xml version="1.0"?>
<rolemap>
  <permissions>
    <permission name="example.conference: Add session" acquire="True">
      <role name="Owner"/>
      <role name="Manager"/>
      <role name="Member"/>
      <role name="Contributor"/>
    </permission>
    <permission name="example.conference: Modify track" acquire="True">
      <role name="Manager"/>
      <role name="Reviewer"/>
    </permission>
  </permissions>
</rolemap>

Note This file uses the Zope 2 permission title instead of the shorter Zope 3 permission id."

普隆的灵巧能被编程成使用数据库吗？如果我有成千上万的用户呢？当我已经在activedirectory或MySQL数据库中有这些文件时，需要处理的xml文件太多了。我想保持按钮和其他网页项目显示基于他们的安全性。灵巧似乎能做到这一点。在

谢谢。在

就像在我的服务器中清理用户和LDAP用户之间的混乱一样。在

在我设置好角色和用户之后，我所要做的就是直接包装我的html（在定义Python代码如下所示）之后，我是否正确：

“例如，如果用户有cmf.请求审核许可。在会话.py，我们使用以下内容更新视图类（同一页）

from zope.security import checkPermission

class View(dexterity.DisplayForm):
    grok.context(ISession)
    grok.require('zope2.View')

    def canRequestReview(self):
        return checkPermission('cmf.RequestReview', self.context)

会话中的模板和u/视图.pt模板，我们添加：

““