[Zope-CMF] Re: [dev] Unauthorized confusion and Zope 2.4
compatibility
Yuppie
schubbe at web.de
Tue Jan 6 10:44:48 EST 2004
Hi!
Stefan H. Holek wrote:
> I would like to see AccessControl.Unauthorized aliased to
> zExceptions.Unauthorized
I guess this should better be discussed on zope-dev at zope.org. Whatever
the result will be: It doesn't make any difference for CMF.
> and CMFUnauthorizedError removed altogether.
> There seems to be little point in having multiple types of Unauthorized
> exceptions (except to stay backward compatible that is).
CMFUnauthorizedError exists only in HEAD and I have to admit that not
everybody likes the concept of deep exception hierarchies. Until a 1.5
beta is released we could remove it again.
> FWIW, AccessControl.Unauthorized is accessible to restricted code
> whereas zExceptions.Unauthorized is not.
This is not true. Maybe you use a product like Plone that changes Zope
security settings. I don't think CMF should do the same.
I like the fact Zope permissions are aliased in CMF and all permission
names used in CMF are imported from CMFCorePermissions. I think we
should do the same with Zope exceptions in CMFCoreExceptions. This way
we can set our own security settings without changing Zope core.
Anyway. I can't see how to do what you propose without changing Zope
*and* breaking backwards compatibility.
Cheers,
Yuppie
More information about the Zope-CMF
mailing list