[Grok-dev] Let's make security proxies an option

Sebastian Ware sebastian at urbantalk.se
Sat Mar 7 04:16:26 EST 2009


6 mar 2009 kl. 20.36 skrev Gary Poster:

>> Based on this experience, I think Grok should have documented ways to
>> enable model security and set method and attribute permissions using
>> Grok functions rather than ZCML.  I don't know whether model security
>> should be enabled by default; that's a much bigger discussion.
>
> For what it is worth, I think the fact that repoze uses model
> security, and the fact that other big projects like Launchpad and ZC
> projects use model security, and want it, might further indicate that
> it is a valuable option.

I too would like to see the option of adding model security to an  
application. Especially for data sensitive applications. But also to  
protect unublished objects in a CMS (instead of having to handle this  
in the view).

Mvh Sebastian


More information about the Grok-dev mailing list