[Zope-dev] Re: RFC: backward compatibility of ps bindings RESOLUTION
Brian Lloyd
brian at zope.com
Wed Jan 21 14:06:24 EST 2004
> Jeremy Hylton wrote:
> > What if you used a special object that would produce a useful error
> > message if the user tries to access the container.
>
> I like this. Make it a singleton, and put it in the global namespace
> for Scripts, so that we can write:
>
>     if context is Inaccessible:
>         # Do without access to context

I've checked in the changes to the 2.6 branch, 2.7 branch and the head
to change the binding behavior for 'container' and 'context':

  - If the user does not have access to the item, the script
    will bind an UnauthorizedBinding object instead of the
    real object, rather than throw an exception at binding
    time.

  - Any attribute or item access on the UnauthorizedBinding will
    throw an Unauthorized, including the name of the binding
    that the user didn't have access to.

The result is that if you have scripts where the script container
is inaccessible to the users of the script:

  - If the script does not reference 'container' in its code,
    things will work without any action on the part of the site
    admin

  - If the script *does* reference 'container' then a meaningful
    Unauthorized error will be raised. Site admins can either
    give users the appropriate roles on the script container or
    give appropriate proxy roles to the scripts to fix any
    problems.

Note that I *didn't* put the UnauthorizedBinding in the script
globals to implement the Inaccessible idea above, because:

  - it is kind of 'featurish', at least in that it really should
    have some associated documentation etc.

  - I want to make only absolutely necessary changes at this
    point and get 2.6.4 and 2.7.0 finalized.

If any of the Plone folk who have been running into this issue
can try the changes from cvs, I'd appreciate it.

thx,
Brian Lloyd brian at zope.com
V.P. Engineering 540.361.1716
Zope Corporation http://www.zope.com
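
Added example, not part of the message above and not the code checked in to Zope: a minimal Python sketch of the deferred-failure binding it describes, where the authorization error surfaces only when a script actually touches the inaccessible binding. The names bind, run_script, Folder and demo, the stand-in Unauthorized class and the error message wording are assumptions made for illustration.

```python
# Illustrative sketch only; not the code checked in to Zope.
class Unauthorized(Exception):
    """Stand-in for Zope's Unauthorized exception."""

class UnauthorizedBinding:
    """Bound in place of an object the user may not access."""
    def __init__(self, name):
        self._name = name  # which binding was refused

    def __getattr__(self, attr):
        # Only reached for names not found normally, so _name still resolves.
        # Message wording is constructed for this example.
        raise Unauthorized("Not authorized to access binding: %s" % self._name)

    def __getitem__(self, key):
        raise Unauthorized("Not authorized to access binding: %s" % self._name)

def bind(name, obj, user_can_access):
    """Binding-time decision: defer the failure instead of raising now."""
    return obj if user_can_access else UnauthorizedBinding(name)

def run_script(body, container, context, can_container=True, can_context=True):
    """Call a script body with 'container' and 'context' bound as described."""
    return body(
        container=bind("container", container, can_container),
        context=bind("context", context, can_context),
    )

class Folder:  # constructed sample object
    def __init__(self, title):
        self.title = title

def script_without_container(container, context):
    return context.title      # never touches 'container'

def script_with_container(container, context):
    return container.title    # touches the inaccessible binding

def demo():
    private, public = Folder("private"), Folder("public")
    # The user may not access the script's container in either call.
    ok = run_script(script_without_container, private, public, can_container=False)
    try:
        run_script(script_with_container, private, public, can_container=False)
        error = None
    except Unauthorized as exc:
        error = str(exc)
    return ok, error
```
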