What is an authorize Script?
An authorize script is a Python Script object that is passed a dictionary containing the current user's Purdue Electronic Directory information. The script does some processing and returns a list of role names that should be assigned to that user.
This allows you to dynamically assign roles to a user when they log into a website. For example, your authorize script could assign the role "West Lafayette Person" if the directory information you have has their campus set to "West Lafayette". You can also maintain a static list of people who should be given a particular role.
How do I create an authorize Script?
Open the Zope Management Interface for the folder where you would like to create the authorization script. Once the page has loaded, add "system" to the URL in the location bar of the browser and press Enter.
Example:
https://engineering.purdue.edu/ECN/manage_main
becomes
https://engineering.purdue.edu/ECN/system
A screen with several options will load.
Click the link titled "Setup Authorization for Site Maintainers". This will load the detailed description of what the tool will do. If you are interested, click read the details, if not, scroll to the bottom of the page and click the "Create Tools to Authorize Site Maintainers" button. This will return you to the Zope Management Interface for your folder. You will see three new objects created.
You can now grant users the "Manager" or "Maintainer" role by adding their fully qualified name to the "authorizeManagers" or "authorizeMaintainers" lists, respectively.