[Zope-CMF] CMF 1.5 beta coming -- last call before feature freeze!

Tres Seaver tseaver at zope.com
Wed Aug 4 17:35:04 EDT 2004


Stefan H. Holek wrote:
> Because the caller is not himself derived from ZCatalog?
> 
> I am not married to 'private', btw. Anything you think is more 
> appropriate? I'm not even married to the method name ;-).

The name is fine, and I agree with you that this method should be 
private, but why does the caller need to call it as a method?  E.g.:

   $ bin/zopectl debug
   >>> catalog = app.site.portal_catalog
   >>> from Products.ZCatalog.ZCatalog import ZCatalog
   >>> ZCatalog.searchResults(catalog)
   []

If we make the new method private (which seems right), then anyone who 
would be allowed to call it could equally well import the ZCatalog class 
(as I just did) and call its searchResults method without method dispatch.

The reason I think it should be private is that otherwise it would open 
the possibility that a user would be able to see results for:

   - objects she couldn't then view (since we bypass the
     'allowedRolesAndUsers' check)

   - objects either not yet effective or already expired, but without
     having the corresponding AccessInactivePortalContent permission.

Sites that have use cases which need to bypass these restrictions for 
"normal" use should probably be replacing the 'portal_catalog' tool.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver at zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com
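The two checks discussed above, modelled as an added Python example that is not code from this thread or from CMF itself; the in-memory record layout, the sample records and the function names are assumptions, chosen to mirror what CMFCore's CatalogTool.searchResults adds to a plain ZCatalog query:

```python
# Added illustration (assumed record shape, not CMF code): what the public
# CatalogTool.searchResults layers on top of ZCatalog.searchResults, and
# what a raw call to the ZCatalog method therefore bypasses.
from datetime import datetime

NOW = datetime(2004, 8, 4)  # "now" for the effective/expires window

# Constructed sample index records mimicking catalog metadata columns.
RECORDS = [
    {"id": "public-news",  "allowedRolesAndUsers": ["Anonymous"],
     "effective": datetime(2004, 7, 1), "expires": datetime(2005, 1, 1)},
    {"id": "members-only", "allowedRolesAndUsers": ["Member", "Manager"],
     "effective": datetime(2004, 7, 1), "expires": datetime(2005, 1, 1)},
    {"id": "draft",        "allowedRolesAndUsers": ["user:alice"],
     "effective": datetime(2004, 9, 1), "expires": datetime(2005, 1, 1)},
    {"id": "expired",      "allowedRolesAndUsers": ["Anonymous"],
     "effective": datetime(2003, 1, 1), "expires": datetime(2004, 1, 1)},
]


def list_allowed_roles_and_users(user_id, roles):
    """Value CMF puts into the allowedRolesAndUsers query: the user's
    roles, plus 'Anonymous', plus a 'user:<id>' token for the user."""
    return set(roles) | {"Anonymous", "user:" + user_id}


def raw_search(records):
    """ZCatalog.searchResults called directly: no security filtering."""
    return [r["id"] for r in records]


def secure_search(records, user_id, roles, can_access_inactive, now=NOW):
    """The tool's public searchResults: restrict by allowedRolesAndUsers,
    and by the effective/expires window unless the caller holds
    AccessInactivePortalContent."""
    allowed = list_allowed_roles_and_users(user_id, roles)
    hits = []
    for r in records:
        # KeywordIndex semantics: any overlap between query and indexed values.
        if not allowed.intersection(r["allowedRolesAndUsers"]):
            continue
        # Without the permission, only effective <= now <= expires is visible.
        if not can_access_inactive and not (r["effective"] <= now <= r["expires"]):
            continue
        hits.append(r["id"])
    return hits


if __name__ == "__main__":
    print("raw   :", raw_search(RECORDS))
    print("member:", secure_search(RECORDS, "bob", ["Member"], False))
    print("alice+:", secure_search(RECORDS, "alice", ["Member"], True))
```

Comparing the raw and filtered results for the same records shows exactly which objects (not viewable, not yet effective, already expired) a bypass would expose.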