[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/ZMI/Views/Browser - GenericCreatorView.py:1.1.4.1.4.1 browser.zcml:1.1.4.1.4.1

Jim Fulton jim@zope.com
Fri, 26 Apr 2002 14:23:19 -0400 

Update of /cvs-repository/Zope3/lib/python/Zope/App/ZMI/Views/Browser
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/ZMI/Views/Browser

Modified Files:
      Tag: SecurityProxy-branch
	GenericCreatorView.py browser.zcml 
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:

- You now protect names/operations, *not* values. This means it's as
  easy yo protect data attributes that have simple values as it is to
  protect methods.

- There is no longer a __permissions__ attribute. :)

- There is no longer a validate method in either security managers or
  policies. 

- No more need to have a special compiler for restricted code.
  In exchange, lots of objects are proxies and code sometimes needs to
  be prepared to remove proxies.

In addition:

- Basic objects (None, strings, numbers, etc.) are not wrapped in
  context wrappers.

- There is a test that fails unless Python 2.3 is used.



=== Zope3/lib/python/Zope/App/ZMI/Views/Browser/GenericCreatorView.py 1.1.4.1 => 1.1.4.1.4.1 ===
 from Zope.PageTemplate import PageTemplateFile
 from Zope.App.ZMI.IGenericCreatorMarker import IGenericCreatorMarker
-from Zope.ContextWrapper import getcontext
+from Zope.Proxy.ContextWrapper import getWrapperContext
 from Zope.App.OFS.Container.Exceptions import DuplicateIDError
 from Zope.ComponentArchitecture import createObject
 
@@ -39,7 +39,7 @@
     def action(self, name, REQUEST=None):
         "Create an item of the class identified by the Addable (held in _context) within the container that is the parent of the Addable"
         addable=self.getContext()
-        container=getcontext(addable)
+        container=getWrapperContext(addable)
         
         if name in container.objectIds():
             raise DuplicateIDError, "ID '%s' already in use." % name


=== Zope3/lib/python/Zope/App/ZMI/Views/Browser/browser.zcml 1.1.4.1 => 1.1.4.1.4.1 ===
   <security:protectClass name=".GenericCreatorView."
                        permission_id="Zope.View"
-                       methods="index, action" />
+                       names="index, action" />
                        
 </zopeConfigure>