[Grok-dev] Default permission for Views?
Kevin Teague
kevin at bud.ca
Tue Nov 4 20:04:37 EST 2008
I've got an app where I want to protect all Views be default to only
users with a specific Role. There is this snippet generated by
grokproject:
<!-- Replace the following directive if you do not want
public access -->
<grant permission="zope.View"
principal="zope.Anybody" />
<grant permission="zope.app.dublincore.view"
principal="zope.Anybody" />
But changing the site.zcml security declarations don't seem to effect
anything. It seems like
"grokcore.security.util.check_or_default_permission" is what decides
the default permission with:
if permission is None:
permission = 'zope.Public'
So should this be made overridable? Or should I just sprinkle
grok.requires throughout my Views or am I missing something?
More information about the Grok-dev
mailing list