You need to look at the AccessControl/rolemanager.py
module for details; the sharing tab in Plone is a friendly wrapper around that API.
To add roles for a given userid, call manage_addLocalRoles
:
context.manage_addLocalRoles('userid', ('Role1', 'Role2',))
The other two important methods are manage_setLocalRoles(userid, roles)
(replace the current set of roles completely) and manage_delLocalRoles(userid)
(delete all roles). get_local_roles_for_userid(userid)
could be handy too, to see what local roles are already defined.
You want to reindex security information after such changes:
context.reindexObjectSecurity()
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…