[Zope-dev] Post-Traversal Hook (+Post-Publication Hook)

robert robert at redcor.ch
Fri Oct 17 07:38:49 EDT 2003


what does publication mean in this context?
Robert
Am Freitag, 17. Oktober 2003 11:05 schrieb Christian Theune:
> Hi,
>
> I'm cleaning up the alternative BaseRequest for Zope 2.7 right now which
> implements a post traversal hook (which will go into 2.8) and discovered
> a small issue I would like to get some feedback from.
>
> Originally the patch called all registered methods after the user has
> been determined, but before eventually unauthorized is thrown. Therefore
> the SecurityManager already could deliver the user object, but it is not
> available within the REQUEST as the well known "AUTHENTICATED_USER".
>
> Anyway, does anybody see a special reason to call the hooks
>
> a) before unauthorized
> b) after complete successful authorization
>
> I see that there could be two hooks make sense in there, but can't
> decide for a single one. (My tummy tells me to go for the one after
> complete authentication, so we have the complete REQUEST environment as
> in opposition to site access rules.)
>
> Also Dario Lopez-Kaesten came up with a request for a hook that is
> called after the publication. Is there anybody objecting such a "post
> publication hook"? Otherwise I would go for
>
> - implementing post-traversal variant b
> - implementing a post-publication hook
>
> Cheers,
> Christian
>
> PS: Looks a bit like I should write a proposal on this ...?

-- 
mit freundlichen Grüssen

Robert Rottermann
www.redCOR.ch




More information about the Zope-Dev mailing list