Ivan Raikov wrote:
security machinery allows. I've always thought that it might be nice to provide a hook for each method in a Zope class (similar to declarative security statements), and to use this hook to validate the parameters, according to the needs of the user.
Now that's a brilliant idea :-) Could you stick that in a Proposal and get it implemented? I'd love to use it...
For string parameters, perhaps we can also have the ability to specify a "filter" -- something like a search and replace statement, with Sed-like syntax.
Ah, but surely the hookable method you propose could be used to doing any filtering required. This'd be my idea: from coersion import coerce def checkParms(self,args,kw): if args: raise TypeError,'Only keyword arguments allowed' if len(kw.keys())>1: raise TypeError,'Too many parameters supplied' param1 = kw.get('param1','') param1 = coerce(param1,'html',tags=self.allowed_tags) return ((),{'param1':param1}) def myClass(Folder): security = ClassSecurityInfo() security.declarePublic('myMethod') security.setParameterChecker('myMethod',checkParms) def myMethod(self,param1): ...do stuff... I just have a feeling that it might make your app crawl though :-( cheers, Chris