[Zope-dev] Interfaces Wiki & Security Stuff

Michel Pelletier michel@digicool.com
Tue, 30 Jan 2001 11:41:47 -0800 (PST)


On Tue, 30 Jan 2001, Chris Withers wrote:

> Hi,
>
> How active/relevant is the interfaces wiki at:
> http://www.zope.org/Members/michel/Projects/Interfaces

Not active, mostly relevant.

> I'm trying to figure out how RoleManagers, local roles, etc work and where the
> work of Zope Security is actually done.
> I've found ZopeSecurityPolicy.py and bits of stuff in Roles.py, and a few lines
> in BaseRequest.py, but the picture is still kinda flakey :-S
>
> It looks like there was quite a lot of discussion on the Wiki about all this,
> but I'm not sure how old it is and whether anything happened from it :-(

It's old.  The Interfaces Wiki was a first attempt at grasping the API of
Zope, not an easy task.  Most of the effort in that wiki went into the
online help system for "through the web" objects.

As a second goal, the wiki was also used to collaborativly develop new
interface in Zope, mostly in the areas of traversal and security.  That
wiki and lessons learned from it were used by us to create the Interface
package that now comes with Zope.

The next phase of the project is to actually document the interfaces of
Zope in Zope itself using the new interface framework.  This will be the
first step (and the hardest) toward a more component-oriented framework.
These issues have been one of my tasks for the past few weeks, and in the
next major version of Zope, you will probably see a good bit of internal
interface documentation for high level and low level Zope interfaces.

-Michel

> So, where should I be looking to find out how RoleManager, Local Roles & Proxy
> Role work from a Python product developers point of view (in Zope 2.3) and what
> changes are in the pipeline?

Security changes are usualy not driven through a pileline, think more like
a gun to your head. ;)

-Michel