[Zope-dev] Re: PROBLEM(100) Init Ambiguous name
Chris McDonough
chrism@zope.com
Fri, 27 Jul 2001 13:43:41 -0400
If someone summarizes the distinctions made in this email, I can put it
in the ZDG.
Chris Withers wrote:
>
> Shane Hathaway wrote:
> >
> > > What happens if I want to protect manage_editForm with one permission
> > > and manage_main with another?
> >
> > You can't. :-) That's why the ambiguity is a problem. If the method is
> > called manage_editForm, the security machinery (under most circumstance)
> > will look for "manage_editForm__roles__" no matter what attribute name
> > you used to access it. Maybe someday this will change.
> >
> > > Also, kindof related, what happens if I want to protect a method with
> > > more than one permission?
> >
> > You can't do that either, and for good reason. Would it be an OR or an
> > AND operation? Or some combination? Better to just call
> > getSecurityManager().checkPermission().
>
> Thanks :-)
>
> How do we make sure both of these are documented in big flashing letters in the
> development guide?
> I've been at the python product programming thang for some time (;-) now and I
> never knew that, in fact I had made completely incorrect assumptions...
>
> cheers,
>
> Chris
> >
> > Shane
>
> _______________________________________________
> Zope-Dev maillist - Zope-Dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope-dev
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope )
--
Chris McDonough Zope Corporation
http://www.zope.org http://www.zope.com
""" Killing hundreds of birds with thousands of stones """