[Zope-dev] permissions/authorization on non ZClass/product objects
Toby Dickenson
tdickenson@geminidataloggers.com
Thu, 03 Aug 2000 09:42:21 +0100
On Wed, 2 Aug 2000 22:41:46 -0400 (EDT), Chris McDonough
<chrism@digicool.com> wrote:
>Karl,
>
>Two things come to mind:
>
>First, make sure you're returning the instances in the context of their
>container, e.g. instead of:
>
> def returnstuff(self):
> class foo:
> pass
> return foo()
>
>do
>
> def returnstuff(self):
> class foo:
> pass
> return foo().__of__(self)
If you want to do that, then you need to inherit the acquisition base
class too....
def returnstuff(self):
class foo(Acquisition.Implicit):
pass
return foo().__of__(self)
>You may also want to try the magic:
> def returnstuff(self):
> class foo:
> __allow_access_to_unprotected_subobjects__ = 1
> pass
> return foo().__of__(self)
>
>in the class instances you return if nothing in them needs to be protected
>by permissions in any way.
Using __allow_access_to_unprotected_subobjects__ the object doesnt
_need_ to have a context (although it might be useful for other
things), so you can drop the __of__
Toby Dickenson
tdickenson@geminidataloggers.com