----- Original Message ----- From: "Dieter Maurer" <dieter@handshake.de> To: <zope@zope.org> Sent: Thursday, August 22, 2002 3:11 PM Subject: [Zope] [Search] Documentation for "SecurityManager.validate"
I am looking for documentation about "SecurityManager.validate" (or "ZopeSecurityPolicy.validate", which is almost the same).
Why do we get three outcomes: "return 1", "return 0" and "raise Unauthorized"? I would expect just the two returns and no exception. The source documentation for the "raise Unauthorized" is simply incomprehensible for me.
I thought the same thing a while back, but haven't had sufficent "tuits" to make the necessary changes. http://dev.zope.org/Wikis/DevSite/Proposals/MakeRaiseUnauthorizedInS ecurityPolicyOptional
What are "accessed" and "container" (in contrast to one another)? Again, the source documentation does not give me a precise understanding. Why is it bad when "aq_base(accessed) is aq_base(container)"? This seems to indicate, that under certain conditions "accessed" and "container" must not be the same, why?
This code is so dense and sparsely commented that it's difficult to tell.