[Grok-dev] grokcore.component and trusted adapters
Martin Aspeli
optilude+lists at gmail.com
Fri Aug 7 11:12:29 EDT 2009
Christian Zagrodnick wrote:
> On 2009-08-06 17:19:07 +0200, Martin Aspeli <optilude+lists at gmail.com> said:
>
>> Christian Zagrodnick wrote:
>>
>>> constantly I require trusted adapters.
>> Just curious, but what do you actually need them for?
>
> As Martijn already deducted, it's for using grokcore in zope 3 with
> model level security. And then you sometimes want to declare how access
> to the adapter is handled, for instance when using it in a form. The
> case I currently have is that I have an lxml tree on one object and use
> adapters to modify various parts of the tree. And since a tree
> basically consists of only one class you cannot do any meaningful
> security assertion there.
>
> Hope that helps.
It does. I must say I'm dubious about the usefulness of model-based
security (as opposed to view-based security) in practice, and wary of
proxies in general (but then I may have just been bitten too many times
by acquisition).
Cheers,
Martin
--
Author of `Professional Plone Development`, a book for developers who
want to work with Plone. See http://martinaspeli.net/plone-book
More information about the Grok-dev
mailing list