[Zope-dev] ZopeSecurityPolicy

[Christian Theune]

Hi,

I had some conversation with Tres about the SecurityPolicy
implementation. I would like to clean up following problem:

The method "validate" is not very clear about when it will raise an
exception and when it will return a boolean.

This results in code that expects it to return a boolean, and makes
conclusions about exceptions that are wrong by catching the anonymously,
transforming them all (e.g. AttributeError) into Unauthorized. This
shadows the real source of a problem, also the code that calls validate
probably shouldn't raise Unauthorized on it's own.

But there's where my problem starts: could we get it somewhat clear who
should raise Unauthorized, what can be expected from validate and where
should only boolean values be returned?

I would like to see some discussion, wrap it up in a proposal, and
deliver the code on a branch.

Thanks for listening,
Christian

-- 
Christian Theune, gocept gmbh & co.kg
phone: +49-3641-233526 mobile: +49-179-7808366
mail: ct@gocept.com