[Zope-dev] hotfix and security declaration

[Yuppie]

Hi!

Writing a hotfix for my product, I have same questions about security 
declarations. The ZDG doesn't cover this.

1.) adding a new Method:
Is the following code safe? Or is there a better way to do that?

<code>
from Globals import InitializeClass
from AccessControl import ClassSecurityInfo
from Products.oldProduct import oldClass

def newMethod(self):
    pass

oldClass.security = ClassSecurityInfo()
oldClass.security.declareProtected( 'View', 'newMethod' )
oldClass.newMethod = newMethod

InitializeClass(oldClass)
</code>

2.) override security declaration:

<code>
oldClass.security.declareProtected( 'View', 'oldMethod' )
InitializeClass(oldClass)
</code>

This code raises a conflict warning and doesn't change the setting.
The ZDG says: "it is not legal to declare two conflicting permissions on 
a method".
Why is it illegal? Why will it only accept the first declaration and not 
override it? Is there an other solution?


Thanks!

Yuppie