[Grok-dev] protecting grok.Model objects with zcml
Aroldo Souza-Leite
asouzaleite at gmx.de
Thu Sep 20 13:31:50 UTC 2012
Hi list,
is it possible to use 'classical' zcml directives to protect persistent
instances of
a class that inherits from grok.Model?
Sorry, I lost the thread of of a former discussion about only grok.View
being protected through grok.require directives. I would be thankful for
a pointer to an update.
What I'm trying to do:
class Stone(grok.Model):
'''
Instances of subclasses should be protected.
'''
class HardStone(Stone):
'''
A hard stone.
'''
grok.implements(IHardStone)
def __init__(self,name="hardstone-" + str(time.time()), hardness =
1, density = 0):
super(HardStone,self).__init__()
self.hardness = hardness
self.density = density
class UpdateHardness(grok.Permission):
grok.name('livebase.stones.update_hardness')
The directives in configure.zcml:
<class class="livebase.stones.HardStone">
<require permission="livebase.stones.update_hardness"
set_attributes="hardness"
/>
</class>
No user has roles with these permissions. But in the present state any
"public" view
can change the value of 'hardness'. I get the impression that if the
view is not protected,
the persistent object that this view shows (and updates) cannot be
protected either. Is something missing to
activate the zope security proxy for persistent objects?
What surprises me is that the Grok frameworks seems to know and
recognize all the elements involved in this configuration.
Am I making a basic mistake here?
I would be grateful for any hints.
Regards,
Aroldo.
More information about the Grok-dev
mailing list