[Search] Documentation for "SecurityManager.validate"
I am looking for documentation about "SecurityManager.validate" (or "ZopeSecurityPolicy.validate", which is almost the same). Why do we get three outcomes: "return 1", "return 0" and "raise Unauthorized"? I would expect just the two returns and no exception. The source documentation for the "raise Unauthorized" is simply incomprehensible for me. What are "accessed" and "container" (in contrast to one another)? Again, the source documentation does not give me a precise understanding. Why is it bad when "aq_base(accessed) is aq_base(container)"? This seems to indicate, that under certain conditions "accessed" and "container" must not be the same, why? When can I omit some of the "validate" arguments? Dieter
----- Original Message ----- From: "Dieter Maurer" <dieter@handshake.de> To: <zope@zope.org> Sent: Thursday, August 22, 2002 3:11 PM Subject: [Zope] [Search] Documentation for "SecurityManager.validate"
I am looking for documentation about "SecurityManager.validate" (or "ZopeSecurityPolicy.validate", which is almost the same).
Why do we get three outcomes: "return 1", "return 0" and "raise Unauthorized"? I would expect just the two returns and no exception. The source documentation for the "raise Unauthorized" is simply incomprehensible for me.
I thought the same thing a while back, but haven't had sufficent "tuits" to make the necessary changes. http://dev.zope.org/Wikis/DevSite/Proposals/MakeRaiseUnauthorizedInS ecurityPolicyOptional
What are "accessed" and "container" (in contrast to one another)? Again, the source documentation does not give me a precise understanding. Why is it bad when "aq_base(accessed) is aq_base(container)"? This seems to indicate, that under certain conditions "accessed" and "container" must not be the same, why?
This code is so dense and sparsely commented that it's difficult to tell.
participants (2)
-
Chris McDonough -
Dieter Maurer