On Wed, Apr 06, 2005 at 12:49:19PM -0400, Jim Fulton wrote: | >i.e. will I still write: | > | > security.declareProtected(SomePermission, 'foo') | > def foo(self): | > ... | | That will work, and I don't see a need to deprecate it. | Eventually, though, I expect products to migrate to | ZCML-based security declarations. BTW, Five already allows ZCML-based security declarations, to the extent supported by Zope 2. You can't protect assigning to instance attributes by a permission until we move to Zope 3 security implementation. | It was/is possible to control access to mapping items | based on item values (e.g. key values). Is this related in any way to having a dictionary or callable in __allow_access_to_unprotected_subobjects__? I ask because we just started abusing this one *wink*. -- Sidnei da Silva <sidnei@awkly.org> http://awkly.org - dreamcatching :: making your dreams come true http://www.enfoldsystems.com http://plone.org/about/team#dreamcatcher <jumpy> we are the knights who say INT! SHORT! and UNSIGGGGGGGGGGGGGGGGNNNNNNNNNNNEDDDDDDDDDDDDD LONNNNNNNNNGGGGGG!