[Zope-CMF] Re: [dev] Unauthorized confusion and Zope 2.4
compatibility
Yuppie
schubbe at web.de
Tue Jan 6 03:06:40 EST 2004
Hi!
Tres Seaver wrote:
> Yuppie wrote:
>> I propose to use zExceptions.Unauthorized to catch Unauthorized
>> (catches both) and AccessControl.Unauthorized to raise Unauthorized
>> (can be catched by both).
>
>
> +0: it is ugly, and a bug magnet, but may be the best we can do. Any
> place where we catch that should use the fully-qualified name, and
> include a comment so that others don't remove inadvertently. E.g.::
>
> try:
> # something which might raise one of the Unauthorized's
> except zExceptions.Unauthorized: # XXX: catch all Unauth!
> # handle it somehow
>
>> CMFCoreExceptions.CMFUnauthorizedError is already a subclass of
>> AccessControl.Unauthorized and could be used to raise Unauthorized.
>
>
> +1
>
>> CMFCoreExceptions.Unauthorized could become an alias of
>> zExceptions.Unauthorized.
>
>
> -1: I'd rather ditch it altogether; the alias is likely to cause
> confusion.
Well. I see your point. Two Unauthorizeds cause enough confusion.
This is my point:
The main reason I started the CMFCoreExceptions stuff was to make errors
catchable by TTW code.
CopySupport raises for example zExceptions.Unauthorized, so I want to be
able to import this error in TTW code.
I don't think it's the Right Thing to change security declarations for
Zope code by CMF code, e.g.:
<code>
ModuleSecurityInfo('zExceptions').declarePublic('Unauthorized')
</code>
So I prefer to have aliases in CMFCoreExceptions. But maybe it is more
clear to use something like 'zExceptions_Unauthorized'.
<code>
from CMFCoreExceptions import zExceptions_Unauthorized
try:
# something which might raise one of the Unauthorized's
except zExceptions_Unauthorized: # XXX: catch all Unauth!
# handle it somehow
</code>
What do you think?
Cheers,
Yuppie
More information about the Zope-CMF
mailing list