[Zope-dev] security.declareProtected doesn't always work?
Dieter Maurer
dieter@handshake.de
Fri, 4 Jan 2002 20:03:54 +0100
Martijn Faassen writes:
> Dieter Maurer wrote:
> [snip]
> > > Now replace the line "security.declarePublic('getTitle')" with something like
> > > "security.declareProtected('View', 'getTitle')", and suddenly nobody is
> > > allowed to call getTitle() on a Book object anymore.
> > You must acquistion wrap your book objects. Otherwise, Zope's
> > security code is unable to find the permission-role mapping.
> >
> > Try:
> >
> > return books.__of__(self)
>
> Aah, of course, makes sense. They should put this in the developer's guide!
> The thing that tripped me up is that it works at all for declarePublic. :)
The basic security mechanism uses the attribute "m__roles__" in order
to protect "m". If this attribute it "None", then "m" is public.
Otherwise, it is expected to be a sequence of roles that are allowed
to use "m".
But, "ExtensionsClass" brings with it computed attributes. This allows
"m__roles__" to be not a sequence but a method returning a sequence.
When you protect "m" with a permission "p", then
"m__roles__" is set to "PermissionRole(p)". This instance dynamically
evaluates into a sequence of roles by crawling up the "aq_container"
(which is correctly "aq_parent" after "aq_inner") chain and translating
"p" into roles by interpreting the "permission-to-role" mapping
it finds on its way to the application object.
Therefore, "declarePublic" works for non-wrapped instances while
"declareProtected" requires the wrapping.
Dieter