School of GeoSciences

School of GeoSciences


A Permission defines what a user with a specified Role can do. Permissions are set by a Manager using the Security tab of the Zope Management Interface. The image below shows a fragment of the Permissions versus Roles table at the site root level:

Permissions and Roles

Notice how some Permissions are assigned to users with the Anonymous role, some to users with the Manager role and some to users with a variety of different roles. These initial Permissions are inherited throughout the site unless changed in a subfolder.

You may wish to restrict access to a document to specific groups of users, such as members of Staff, members of a Committee, or a group of students. Although access to individual documents can be restricted, it is easiest to put a family of restricted documents in a folder and apply the restriction to the folder. Suppose you wish to restrict access to a folder to users who have the Authenticated role (those who have logged in). The way to do this is to set the View permission in the folder in which the restriction is to apply.

How To: Set Permissions

To restrict access proceed as follows:

  1. Follow the links to the folder to which you wish to restrict access.

  2. Invoke the Zope Management Interface by typing manage at the end of the browser url line. If this line contains a html document name then remove it before typing manage.

  3. Click the ZMI Security tab. This will produce a table of Permissions and Roles. Scroll down the list until the View Permission is visible.

  4. To restrict access to users with the Authenticated role uncheck the Acquire? checkbox and check the Authenticated check box.


    Subfolders have an Acquire checkbox because they normally inherit from parents. Do not change the inheritance status of any other Permission unless you thoroughly understand Zope!

  5. To restrict access to a Committee uncheck the Acquire? checkbox and check the Manager, Editor and Member check boxes. Always check all three or you might find that you have denied yourself access.