Plone 5.2.
I have my own downsized behavior IOwnership with the creators
field which should only be editable by Managers.
The read/write permissions are set to cmf.ManagerPortal
.
However the field is visible and editable for users with roles Member + Editor + Authenticated
Anything missing here?
class IOwnership(model.Schema):
""" Like IOwnership but:
- no `rights` field
- `contributors` accessible only for managers
- `creators` accessible only for managers
"""
# ownership fieldset
model.fieldset(
"ownership",
label=_("label_schema_ownership", default=u"Ownership"),
fields=["creators", "contributors"],
)
form.read_permission(creators=permissions.ManagePortal)
form.write_permission(creators=permissions.ManagePortal)
creators = zope.schema.Tuple(
title=_(u"label_creators", u"Creators"),
description=_(
u"help_creators",
default=u"Persons responsible for creating the content of "
u"this item. Please enter a list of user names, one "
u"per line. The principal creator should come first.",
),
value_type=zope.schema.TextLine(),
required=False,
missing_value=(),
)
form.widget(
"creators", AjaxSelectFieldWidget, vocabulary="plone.app.vocabularies.Users"
)