[Zope-dev] Hookable Parameter Checking
Chris Withers
chrisw@nipltd.com
Sun, 11 Nov 2001 11:49:51 +0000
Ivan Raikov wrote:
>
> security machinery allows. I've always thought that it might be nice
> to provide a hook for each method in a Zope class (similar to
> declarative security statements), and to use this hook to validate the
> parameters, according to the needs of the user.
Now that's a brilliant idea :-)
Could you stick that in a Proposal and get it implemented? I'd love to use it...
> For string parameters, perhaps we can also have the ability to
> specify a "filter" -- something like a search and replace statement,
> with Sed-like syntax.
Ah, but surely the hookable method you propose could be used to doing any
filtering required. This'd be my idea:
from coersion import coerce
def checkParms(self,args,kw):
if args:
raise TypeError,'Only keyword arguments allowed'
if len(kw.keys())>1:
raise TypeError,'Too many parameters supplied'
param1 = kw.get('param1','')
param1 = coerce(param1,'html',tags=self.allowed_tags)
return ((),{'param1':param1})
def myClass(Folder):
security = ClassSecurityInfo()
security.declarePublic('myMethod')
security.setParameterChecker('myMethod',checkParms)
def myMethod(self,param1):
...do stuff...
I just have a feeling that it might make your app crawl though :-(
cheers,
Chris