[Zope-dev] ZopeSecurityPolicy

Dieter Maurer dieter@handshake.de
Wed, 12 Mar 2003 00:08:13 +0100


Christian Theune wrote at 2003-3-11 17:11 +0100:
 > The method "validate" is not very clear about when it will raise an
 > exception and when it will return a boolean.
 > 
 > This results in code that expects it to return a boolean, and makes
 > conclusions about exceptions that are wrong by catching the anonymously,
 > transforming them all (e.g. AttributeError) into Unauthorized. This
 > shadows the real source of a problem, also the code that calls validate
 > probably shouldn't raise Unauthorized on it's own.
 > 
 > But there's where my problem starts: could we get it somewhat clear who
 > should raise Unauthorized, what can be expected from validate and where
 > should only boolean values be returned?

In my view, "validate" should return true or false and never
raise "Unauthorized".

At the places where "validate" is used in an immediate access check,
the caller raises "Unauthorized" when "validate" returns false.


The opposite is almost as acceptable:

  "validate" returns None (if access is granted) or raises
  "Unauthorized" otherwise.

  Callers that only want to check but not access can catch the
  exception.


The current behaviour where "access denied" is sometimes
represented as false and sometimes as Unauthorized is
not optimal.


Dieter