[Zope-dev] Ids starting with _
Toby Dickenson
tdickenson@geminidataloggers.com
Mon, 31 Jul 2000 14:47:25 +0100
On Sun, 30 Jul 2000 10:38:44 +0100, Chris Withers <chrisw@nipltd.com>
wrote:
>Dieter Maurer wrote:
>> > I wonder why starting folders with _ is so bad in Zope?
>
>> In the time, when everything was allowed what was not explicitely
>> forbidden, an easy way was necessary to forbid access. Jim
>> (and, therefore, Zope) used:
>>
>> anything starting with "_" is private: no DTML access, no Web access.
>>
>> Now, with the change to a security policy "Everything is
>> forbidden when not explicitely allowed", the need for
>> such a rule based on naming dwindles. Maybe, it will disappear
>> sometime in the future.
That rules applies at a lower level. It removes the need to have
special-case handling for the many low-level objects that should never
be web-accessible.
Almost all zope-manageable classes (and certainly Folders, that Dieter
mentioned) use the old rule. This happens because they derive from
SimpleItem.Item, which has __allow_access_to_unprotected_subobjects__.
Toby Dickenson
tdickenson@geminidataloggers.com