On 8/19/10 12:46 AM, Hanno Schlichting wrote:
Hi.
On Thu, Aug 19, 2010 at 6:15 AM, David Glick <davidglick@groundwire.org> wrote:
As an alternative to requiring calling setDefaultRoles/addPermission at import time, I suggest that we add an optional roles attribute to the <permission> directive. This would then be used when the directive is executed, instead of the current hard-coded Manager setting. Examples:
<!-- a new permission with 2 default roles --> <permission id="my.NewPermission" title="My new permission" roles="Manager SiteAdmin"/> <!-- a new permission with Manager as the sole, implicit role (backwards-compatible) --> <permission id="my.OtherPermission" title="My other permission"/>
Can roles currently contain whitespace? Like "Awesome People"?
If so, we should go for nested nodes:
<permission id="my.NewPermission" title="My new permission"> <role>Manager</role> <role>SiteAdmin</role> <role>Awesome People</role> </permission>
I think this matches the style of some of the GenericSetup handlers which deal with permissions.
Implemented at svn+ssh://svn.zope.org/repos/main/AccessControl/branches/davisagli-permission-directive -- can someone please review? Also, where should I document this addition? thanks, ---------- David Glick Web Developer davidglick@groundwire.org 206.286.1235x32 Groundwire: You Are Connected http://groundwire.org