[Zope-CMF] Security on Skins
Dieter Maurer
dieter@handshake.de
Tue, 11 Sep 2001 22:36:56 +0200 (CEST)
Chris Withers writes:
> <permission name="View" acquired="no">
> <role>Manager</role>
> <role>Anonymous</role>
> </permission>
>
> The problem is that these 'security' files would need to be processed _after_
> their associated object has been created.
>
> Amusingly, this will probably happen naturally given that .security will be
> listed after .dtml, .css, and .pt (but sadly not after .zsql, where I need it
> :-S)
I think, that is not a serious problem.
Just skip the security files during folder scanning.
When you process your object, you look around whether
it has an associated security file and apply its content.
> So, can anyone think of a way to do this without patching DirectoryView.py?
I would expect, it skips files it does not understand.
Exactly what is necessary....
Dieter