[Grok-dev] grokcore.component 1.0 released!
Philipp von Weitershausen
philipp at weitershausen.de
Thu May 1 09:24:20 EDT 2008
On 1 May 2008, at 14:55 , David Pratt wrote:
> Hi Phillip, this looks interesting. Can you explain how this works
> together with z3 security. Since multiadapters are part of the mix,
> I am assuming this means everything is without any security on the
> views as with regular Grok. I am willing to consider trying this out
> a small project but my stumbling block is security. Many thanks.
grokcore.component is not about views. It's just about adapters, multi-
adapters, utilites and event subscribers. Those components typically
have no security associated with them (except for those so-called
"trusted" adapters which occur very rarely).
Saying that views in regular Grok are "without any security" isn't
true anyway. Views can be protected quite easily and effectively using
security declarations in Grok. They're just public by default to make
development in the beginning easy. But if you use regular Zope 3 plus
grokcore.component rather than Grok, you won't get the public-by-
default setting anyway.
More information about the Grok-dev
mailing list