[Zope-CMF] Customised permissions

Martin Aspeli optilude+lists at gmail.com
Wed Jun 3 09:47:47 EDT 2009


Charlie Clark wrote:
> Am 03.06.2009 um 13:05 schrieb Wichert Akkerman:
> 
>> Not if you use collective.autopermission.
> 
> In which it states:
> 
> # This is borrowed from Products.CMFCore to avoid a dependency.
> 
> Where it states
> 
> # XXX This ought to be in AccessControl.SecurityInfo.
> 
> :-/


That code is, but not the whole functionality. The functionality to 
register Zope 2 style permissions when a <permission /> ZCML statement 
is used is new to collectie.autopermission. I merged that back into Zope 
for Zope 2.12, so if you're on 2.12 you're in luck. :)

> It looks like I only need use_mailhost_services which I've hooked up  
> in like this
> 
> security = ModuleSecurityInfo('Products.CMFCore.permissions') <-  
> should this reflect my module?
> 
> security.declarePublic('UseMailHostServices')
> UseMailHostServices = Permissions.use_mailhost_services
> 
> in a dedicated permissions module which I just include in the  
> configuration. Although I do like the event handling. Wouldn't it be  
> an idea to put this actually in the CMF?

The point is that Zope 2 permissions spring into existence when you 
start using them in a Module/ClassSecurityInfo. If nothing imports a 
module that has one of those, your permission doesn't exist. Prior to 
Zope 2.12, the <permission /> directive only used to map Zope 2 
permissions to IPermission utilities, but not actually create new ones.

> I also noticed that the CMF permissions are actually declared in Five.  
> Is there a reason for this? Surely the CMF permission declarations  
> should be in CMFCore

Sure. Historical reasons.

Martin

-- 
Author of `Professional Plone Development`, a book for developers who
want to work with Plone. See http://martinaspeli.net/plone-book



More information about the Zope-CMF mailing list