[Grok-dev] zope.Anybody versus zope.Everybody in grokproject?
Martijn Faassen
faassen at startifact.com
Wed Jan 6 19:40:35 EST 2010
Hi there,
I'm too lazy to check grokproject myself, but I just read this:
"""
In etc/site.zcml.in, replace:
<grant permission="zope.View"
principal="zope.Anybody" />
<grant permission="zope.app.dublincore.view"
principal="zope.Anybody" />
by:
<grant
permission="zope.View"
principal="zope.Everybody" />
<grant
permission="dolmen.content.View"
principal="zope.Everybody" />
<grant
permission="zope.app.dublincore.view"
principal="zope.Everybody" />
Be careful:
* zope.Anybody applies to unauthenticated users only.
* zope.Everybody applies to both unauthenticated and authenticated users.
"""
This sounds like something we should fix like this in grokproject.
I thought there was a fix in grokproject already to add an extra view
permission to "zope.Authenticated", but using zope.Everybody sounds like
a cleaner fix. In addition it appears our fix was incomplete for
zope.app.dublincore.view?
regards,
Martijn
More information about the Grok-dev
mailing list