[Grok-dev] post 1.0 Grok development wishlist
Sylvain Viollon
sylvain at infrae.com
Mon Oct 26 04:59:59 EDT 2009
On Tue, 06 Oct 2009 19:25:30 +0200
Martijn Faassen <faassen at startifact.com> wrote:
> Hi there,
>
Good morning,
I have been busy, and thinking.
> In the hope of prompting some discussions and development activity,
> here is a list of post 1.0 Grok wishlist items I have or know about:
>
> [...]
>
>
> * megrok.layout integration. Look into integrating megrok.layout
> functionality into the Grok core. This would require some discussion
> on megrok.layout to see what shape this integration could best be
> like.
>
As I use heavily that package in Silva (since I somehow made it in
Silva), I would like to work on that as well, as it's a feature I
already use.
So if there is people interested to brainstorm, I am all open.
If JW and Jan Jaap are interested maybe we can setup some kind of
local sprint a Friday afternoon at Infrae to talk about it (since we
are in the same city).
> * z3c.hashedresource and hurry.resource integration. Some work was
> done at the sprint to explore this.
>
I use my own cooked things for resources now, based in
z3c.resourceinclude, but I am not 200% satisfied, I am interested
to see how things are going here as well.
> * declarative model-level security decorators/directives, for the
> case where Grok's "view-only" security system isn't enough and
> security proxies are desired.
>
That last point is the one which interest me the most. There two
things I can think of:
- a decorator, which takes a permission and protect that method with
the given permission. As soon as you specify one decorator in your
class, all non-specified authorized access are forbidden, i.e. you
need to declare each method you want to access using a decorator:
class MyContent(grok.Model):
@grok.require('my.permission')
def doMe(self, bla, blabla):
pass
The decorator could take an instance of grok.Permission as well.
It sounds like in Zope2 with security.declarePrivate calls.
It sounds easy as well, to understand, and write.
But it doesn't sounds complete: I want to be able to protect
attributes as well, with one permission for view, and one for set.
- so we could create two directives, one for view, one for set (so
it cover the property usecase). They takes an interface, and a
permission, and do their jobs. If you don't set a view directive
but a set, the view fallback to the same permission than the view.
class IMyContent(grok.IContext):
lastDone = interface.Attribute()
def doMe(bla, blabla):
pass
class MyContent(grok.Model):
grok.restrict(IMyContent, 'my.changepermission')
grok.restrictAccess(IMyContent, 'my.viewpermission')
...
It's nice because this does everything I want of (in fact it's just
a translation of the ZCML configuration in grok directives, it's
not that original).
But you need to write interfaces to declare your security.
Interface are always a good thing anyway, but it sound complicated
for Grok newbies, whenever the first solution sounds more easy to
understand.
It might be shorter for complex declaration: you don't have to
repeat 20 times the grok.require with the same permission for a
class with 20 methods.
I think the best will still be only to implement the second 'idea' as
if you need to setup content-level security, that means your
application is complex, and so you are not a newbie anymore, so you
can understand and write interfaces. But if someone want the first
one anyway, I think it's doable in a megrok.something extension to
have it.
In both case, I propose the default security should be 'open' for a
class. If you specify a security definition on a class, all
non-declared attributes should be forbidden of access (let say
'closed').
For people who want to enforce security everywhere, I think that
megrok.strictrequire could check that.
Anyway I think everybody will agree that, that code should end up in
grokcore.security.
Note: all the directives name I propose are just the one who popup in
my mind when writing that mail. I am sure we can think of something
better.
If anyone have comments, I would love to have them. Maybe someone
have a better way/idea to define security.
Best regards,
Sylvain,
--
Sylvain Viollon -- Infrae
t +31 10 243 7051 -- http://infrae.com
Hoevestraat 10 3033GC Rotterdam -- The Netherlands
More information about the Grok-dev
mailing list