On Mon, 23 Aug 2010 18:29:55 +0200 Hanno Schlichting <hanno@hannosch.eu> wrote: Hello Hanno,
On Mon, Aug 23, 2010 at 6:13 PM, Sylvain Viollon <sylvain@infrae.com> wrote:
In Zope 2.12.10, in permissions.zcml of Five, zope2.Public is defined. So you can use it in ZCML.
However the code who setup the security in security.py of the same package doesn't care about zope2.Public, just about zope.Public.
So when you use the permission zope2.Public, your page is not public, and when you use the permission zope.Public, well you get an error as it is not declared.
(I would just rename the permission in the ZCML I think, that will create errors for users to force them to update their code).
How is this different from the current situation? We have this in site.zcml:
<meta:redefinePermission from="zope2.Public" to="zope.Public" />
I dont' really know, probably this meta doesn't work as expected. I clearly know from my tests that: - with zope2.Public as a permission on my view it was not public (anonymous could not access it), - if I use zope.Public I got an error that this permission didn't exists (while loading the ZCML), - and if I defined zope.Public with a permission ZCML tag and used it it worked (my view was public for real, anonymous could access it). (and I have the same thing in my site.zcml, and I even include Products.Five in my ZCML myself). Probably I should open a launchpad issue. Regards, Sylvain, -- Sylvain Viollon -- Infrae t +31 10 243 7051 -- http://infrae.com Hoevestraat 10 3033GC Rotterdam -- The Netherlands