[Zope-CMF] Extending FTI.isConstructionAllowed
yuppie
y.2009 at wcm-solutions.de
Thu Jun 4 08:58:08 EDT 2009
Hi Wichert!
Wichert Akkerman wrote:
> Previously yuppie wrote:
>> 2.) The distinction between allowType() and isConstructionAllowed() was
>> clear in CMF 2.1: allowType() checked a cheap, not permission related
>> CMF specific restriction. isConstructionAllowed() checked generic
>> permission related restictions. The new restrictions
>> _checkWorkflowAllowed and ITypeConstructionFilter don't fit in one of
>> these two categories.
>
> Is there a reason that the two have to be separate?
I don't know the reasons, I just can guess. AFAICS it's not absolutely
necessary, but using one method would require several changes.
> What is the downside
> of one call that does all necessary checks?
These come to my mind:
- You no longer can use TypeInformation.constructInstance to bypass the
allowType() check. PortalFolderBase.invokeFactory checks allowType()
before calling constructInstance.
- You no longer can call CopyContainer._verifyObjectPaste from
PortalFolderBase._verifyObjectPaste without performing redundant
permission checks.
- Actions have a similar distinction between 'available' and 'allowed'.
The new 'add' actions in CMF 2.2 map allowType() and
isConstructionAllowed() to 'available' and 'allowed' keys.
>> allowType() and isConstructionAllowed() are both the wrong place for
>> checking additional restrictions. But allowType() could become part of a
>> more general precondition that could be checked by checkObject and a new
>> checkPortalType (=CMF specific checkFactory) function.
>
> How do you see this working? If it's simple enough I might have enough
> time to work on it this week.
In CMF we would add a __setattr__.precondition to IFolderish, Plone
folders would use a modified interface with a different precondition.
The preconditions would implement an interface like this one:
class IFolderishPrecondition(Interface):
def __call__(container, name, object):
"""Test whether container setitem arguments are valid.
Raise zope.interface.Invalid if the object is invalid.
"""
def portaltype(container, name, portaltype):
"""Test whether objects provided by the portal type are
acceptable
Return a boolean value.
"""
_verifyObjectPaste would use checkObject, other places where currently
allowType() is used would use a new checkPortalType function.
Does that make sense to you?
Cheers,
Yuppie
More information about the Zope-CMF
mailing list