[Grok-dev] grokcore.component 1.0 released!

David Pratt fairwinds at eastlink.ca
Thu May 1 09:57:55 EDT 2008


Hi Phillip. Many thanks for your reply and your efforts on this package. 
This could be extremely time saving for sure. My apologies about 
drifting on about views when they are not part of your package when the 
issue is simply adaptation. Certainly z3 view can be applied as usual.

The only issue really then is with trusted adaptation. In this 
circumstance, I should I not be able to use a regular adapter in this 
case and use zcml? Do you forsee any issue of mixing grok components 
with traditional components within an app? If they play well together, 
then this could make like much simpler for Z3 development which is quite 
exciting.

Regards,
David

Philipp von Weitershausen wrote:
> On 1 May 2008, at 14:55 , David Pratt wrote:
>> Hi Phillip, this looks interesting. Can you explain how this works 
>> together with z3 security. Since multiadapters are part of the mix, I 
>> am assuming this means everything is without any security on the views 
>> as with regular Grok. I am willing to consider trying this out a small 
>> project but my stumbling block is security. Many thanks.
> 
> grokcore.component is not about views. It's just about adapters, 
> multi-adapters, utilites and event subscribers. Those components 
> typically have no security associated with them (except for those 
> so-called "trusted" adapters which occur very rarely).
> 
> Saying that views in regular Grok are "without any security" isn't true 
> anyway. Views can be protected quite easily and effectively using 
> security declarations in Grok. They're just public by default to make 
> development in the beginning easy. But if you use regular Zope 3 plus 
> grokcore.component rather than Grok, you won't get the public-by-default 
> setting anyway.
> 


More information about the Grok-dev mailing list