How can I set permissions for a Widget/Field of a behavior with plone.autoform?

With plone.autoform a field can be protected with a permission like this:

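from plone.autoform import directives as form
from plone.supermodel import model
from zope import schema

class IMySchema(model.Schema):
  # The field only appears in display forms for users with this permission.
  form.read_permission(secret='cmf.ManagePortal')
  # The field only appears in input (edit) forms for users with this permission.
  form.write_permission(secret='cmf.ManagePortal')
  secret = schema.TextLine(
    title=u'Secret',
  )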

But how can I set the read and write permissions for a behavior like IPublication.effective?
At the moment I do this in my edit form:

from plone import api
from plone.dexterity.browser.edit import DefaultEditForm
from z3c.form.interfaces import DISPLAY_MODE

class MyCTEditForm(DefaultEditForm):

  enable_form_tabbing = False

  def update(self):
    # Holds all widgets from all fieldsets. Created per form instance,
    # because a class-level dict would be shared between all instances.
    self.allWidgets = {}
    super(MyCTEditForm, self).update()
    self.collectWidgets()

    # This is the relevant check: without "Manage portal" the widget
    # is switched to display mode.
    current_user = api.user.get_current()
    is_manager = api.user.has_permission('Manage portal', user=current_user, obj=self.context)
    if not is_manager:
      self.allWidgets['IPublication.effective'].mode = DISPLAY_MODE

  def updateFields(self):
    super(MyCTEditForm, self).updateFields()

  def updateWidgets(self):
    super(MyCTEditForm, self).updateWidgets()

  def collectWidgets(self):
    # All widgets from the schema (the default fieldset)
    for name, widget in self.widgets.items():
      self.allWidgets.update({name: widget})

    # All widgets from the behavior schemas (the additional fieldsets)
    for group in self.groups:
      for name, widget in group.widgets.items():
        self.allWidgets.update({name: widget})

But it doesn't feel right. Is there another option? Any hints?

Had a similar issue lately. Your solution feels right (as best workaround) :sweat:

Does this mean that (theoretically) your fields can be read / written to?

Is there a way to 'force' another form / view (like /base_edit or /@@someview)?

The Field is writeable, the Widget is just in another "DisplayMode". Field and Widget are different things. I customized the edit form because I need some explanation text between the fields and only the Reviewer should see and set the effective datetime.

And keep in mind: The permissions in dexterity schemas/plone.autoform are form-only and not checked in RestrictedPython code (such as scripts/templates).
I am not sure if plone.restapi respects those permissions (I would expect it, but would need to dig through code, maybe someone else may enlighten me).

1 Like
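
Added example, not code from the thread or from Plone: a stdlib-only toy model of the point made in the replies above, that putting a widget into display mode changes what is rendered while the field itself stays writable. The classes, `submit()` and the sample content are hypothetical, and the model assumes the write path never consults the widget mode.

```python
# Toy model only: these classes are hypothetical, not Plone or z3c.form APIs.
INPUT, DISPLAY = "input", "display"


class Form:
    """Every field gets a widget; apply() writes submitted values to content."""

    write_permissions = {}  # field name -> permission needed to write it

    def __init__(self, fields, user_permissions):
        self.user_permissions = set(user_permissions)
        self.modes = {name: INPUT for name in fields}

    def render(self):
        # Rendering is the only place where the widget mode is consulted.
        return {n: "<input>" if m == INPUT else "<span>"
                for n, m in self.modes.items()}

    def writable(self, name):
        needed = self.write_permissions.get(name)
        return needed is None or needed in self.user_permissions

    def apply(self, content, submitted):
        # Assumption of this model: the write path ignores widget modes.
        for name, value in submitted.items():
            if name in self.modes and self.writable(name):
                content[name] = value
        return content


class WidgetOnlyForm(Form):
    """Like the workaround: display-mode widget, no permission on the field."""

    def __init__(self, fields, user_permissions):
        super().__init__(fields, user_permissions)
        if "Manage portal" not in self.user_permissions:
            self.modes["effective"] = DISPLAY


class FieldGuardedForm(WidgetOnlyForm):
    """Same rendering, plus a write permission checked when data is applied."""

    write_permissions = {"effective": "Manage portal"}


def submit(form_cls, user_permissions, submitted):
    content = {"title": "Old", "effective": "2020-01-01"}  # constructed sample
    form = form_cls(list(content), user_permissions)
    return form.render(), form.apply(content, submitted)
```

For a user without "Manage portal", `WidgetOnlyForm` renders `effective` read-only yet stores a submitted value, while `FieldGuardedForm` leaves the stored value unchanged.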