[Grok-dev] Grok and permissions
Sebastian Ware
sebastian at urbantalk.se
Sun Jan 13 11:49:43 EST 2008
13 jan 2008 kl. 12.33 skrev Luciano Ramalho:
> On Jan 13, 2008 7:56 AM, Sebastian Ware <sebastian at urbantalk.se>
> wrote:
>> I think the example looks great!!! However, I would find easier to
>> follow if each class and method had a text explaining what goes on
>> and
>> pointing out what (not obvious) design choices you made. You are
>> showing lots of great techniques that are useful.
>
> Thanks, Sebastian. I will add more docstrings and comments to the
> code.
>
>> What happened to the annotations? Did you remove them for the time
>> being?
>
> No I didn't. Why do you ask?
Because I expected to find a reference to the grok.Annotation base
class somewhere. Now I see that you have implement the annotations
through the [class UserDataAdapter(object)] in [interfaces.py].
I think you will find that it is a lot easier using grok.Annotation.
This is what I added to my application in order to create an edit
history using annotations (used the doctests for grok.annotation to
understand how to implement it), the code to annotate principals will
obvously be simpler:
class IProtonEditHistory(Interface):
"""
This is the edit history annotation.
"""
def addEdit(description, data):
""" Add an edit to the edit history. """
def getEdits():
""" Get a list of edits. """
from BTrees.OOBTree import OOTreeSet
from zope.security.management import getInteraction
class ProtonEditHistory(grok.Annotation):
grok.implements(interfaces.IProtonEditHistory)
grok.context(ProtonObject)
def __init__(self):
self._edits = OOTreeSet()
def addEdit(self, description, data):
interaction = getInteraction()
ids = [ p.principal.id for p in interaction.participations ]
edit = {
'user_id': ids[0],
'datetime': datetime.datetime.now(),
'description': description,
'data': data
}
self._edits.insert(edit)
def getEdits(self):
l = list(self._edits)
l.sort(lambda x, y: cmp(x['datetime'], y['datetime']))
l.reverse()
return l
@grok.subscribe(ProtonObject, grok.IObjectModifiedEvent)
def create_edit(obj, event):
history = interfaces.IProtonEditHistory(obj)
desc = []
if len(event.descriptions) == 0:
desc.append('Skapad')
attr = None
else:
desc.append('Uppdaterade... ')
for descr in event.descriptions:
desc.append(", ".join(descr.attributes))
attr = list(descr.attributes)
history.addEdit(''.join(desc), attr)
return
mvh Sebastian
>
>
> But I last night I started work on a simpler version of the LoginDemo
> which will not use annotations; user accounts will be stored in plain,
> unnatotated InternalPrincipals. That will cut a few dozen lines of
> code and make it more focused. However, the fact that adding just a
> little email field to a user is so complicated shows one weakness of
> the current Zope API.
If you use grok.Annotation I think you will find this to be a lot
better :) but maybe you can make it simpler still.
>
>
>> I am not sure that this is too difficult. Basically, you have
>> create a
>> template/recipe that a newbie can use to get up to speed with user
>> management. I think that is a good solution because it doesn't hide
>> the power, but makes it accesible.
>
> I agree that new examples/recipes are always good. But I still think
> this user facilities should be easier to use in Grok. Leo and I will
> work on a proposal to improve that this next week.
>
>> Also, I didn't get where you defined the permission
>> "grok.require('logindemo.ViewMemberListing')", or is that
>> unnecessary?
>
> That permission is defined in the first page of app.py, like this:
>
> class ViewMemberListing(grok.Permission):
> grok.name('logindemo.ViewMemberListing')
>
> The permission is assigned to new users in the join method of the Join
> view (app.py).
Right, I didn't see it at first.
>
>
> Best regards,
>
> Luciano
mvh Sebastian
More information about the Grok-dev
mailing list