Richard Jones wrote at 2005-8-26 10:00 +1000:
I'm migrating our 2.7-developed Product to 2.8. The following change has me puzzled. In 2.7, AccessControl.ZopeGuards guarded_getitem has the following code: ... def guarded_getitem(object, index): [ snip handling of slices ] ... v = object[index] if Containers(type(object)) and Containers(type(v)): # Simple type. Short circuit. return v if getSecurityManager().validate(object, object, None, v): return v raise Unauthorized, 'unauthorized access to element %s' % `i`
where "index" has become "None". This would appear to imply that we can't perform access controls on a per-item basis in sequences or mappings, unless we do so in the actual __getitem__ method
I remember a posting from Jim (Fulton) where he pointed out that this (access control for individual items based on their name) is not longer supported. I conclude that the change you see was by purpose (although I do not see *why* Jim removed this possibility). -- Dieter