[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/OFS/Folder - folder.zcml:1.1.2.10

Jim Fulton jim@zope.com
Sun, 28 Apr 2002 13:17:08 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/OFS/Folder
In directory cvs.zope.org:/tmp/cvs-serv17050/lib/python/Zope/App/OFS/Folder

Modified Files:
      Tag: Zope-3x-branch
	folder.zcml 
Log Message:
HOTYB: Merged SecurityProxy-branch into main branch.  

All tests pass and folders can be listed and added through the web.
It is likely that most other things don't work and will need to be
fixed. The reason is that many accesses that should have been checked
before are now being checked and additional checks and thinking about
permissions and security settings are needed.

I'm in the process of drafting a paper for the wiki that describes the
changes in more detail.


=== Zope3/lib/python/Zope/App/OFS/Folder/folder.zcml 1.1.2.9 => 1.1.2.10 ===
   <security:protectClass name=".Folder."
                          permission_id="Zope.View">
-    <security:instances permission_id="Zope.View" />
     <security:protect 
               interface="Zope.ComponentArchitecture.IServiceManagerContainer." 
   	      permission_id="Zope.ManageServices" />
+    <security:protect
+              interface="Zope.App.OFS.Container.IContainer.IReadContainer"
+              permission_id="Zope.View" />
+    <security:protect
+              interface="Zope.App.OFS.Container.IContainer.IWriteContainer"
+              permission_id="Zope.ManageContent" />
   </security:protectClass>
 
+  <!-- XXX Do we really need RootFolder? -->
+  <security:protectClass name=".RootFolder." like_unto=".Folder." /> 
+
   <zmi:tabs for=".Folder.IFolder.">
     <zmi:tab label="Contents" action="contents;view"/>
     <zmi:tab label="Role Permissions" 
@@ -37,7 +45,6 @@
 
   <security:protectClass name=".LoadedFolder."
                          permission_id="Zope.View">
-    <security:instances permission_id="Zope.View" />
   </security:protectClass>
 
   <zmi:tabs for="Zope.App.OFS.Container.IContainerLimit.">