22 Aug
2002
22 Aug
'02
7:11 p.m.
I am looking for documentation about "SecurityManager.validate" (or "ZopeSecurityPolicy.validate", which is almost the same). Why do we get three outcomes: "return 1", "return 0" and "raise Unauthorized"? I would expect just the two returns and no exception. The source documentation for the "raise Unauthorized" is simply incomprehensible for me. What are "accessed" and "container" (in contrast to one another)? Again, the source documentation does not give me a precise understanding. Why is it bad when "aq_base(accessed) is aq_base(container)"? This seems to indicate, that under certain conditions "accessed" and "container" must not be the same, why? When can I omit some of the "validate" arguments? Dieter