-----Original Message----- From: Ross Boylan [mailto:RossBoylan@stanfordalumni.org]
The 3rd reason is practical, rather than fundamental: 3) If I do it myself, I don't have to worry about getting my classes, which I may want to do as simply python objects, to play in the somewhat hard to grasp Zope framework.
The permission aspect is not difficult at all. One data structure, __ac_permissions__, defines all of the permissions for an object. It is a tuple of tuples: __ac_permissions__=( ('PermissionName', ['method1', 'method2', ...], ['Role1', 'Role2', ...],) ... ) Each permission tuple has three elements, a name, a list of methods that permission 'protects', and a list of Roles which have that permission by default. Of course, you can create new roles in the managment interface or programatically to map to permissions, this is a convinience that allows the object programmer to specify which methods are managment methods and which are accessable by other common roles like 'Anonymous'. Here is an example: __ac_permissions__=( ('Manage Vocabulary', ['manage_main', 'manage_vocab', 'manage_query'], ['Manager']), ('Query Vocabulary', ['query',], ['Anonymous', 'Manager']), ) -Michel