[Zope-dev] Re: Bad interaction between Zope 2.7.3 and CMF 1.4
Tres Seaver
tseaver at zope.com
Sat Oct 9 15:39:06 EDT 2004
Stefan H. Holek wrote:
> On 09.10.2004, at 18:04, Tres Seaver wrote:
>
>>
>> *By definition*, anybody who has declared 'setDefaultAccess('deny')
>> *wants* the behavior you describe: that declaration says, "unless I
>> give you explicit permission for using a name, refuse."
>>
>> If Plone has classes which make such assertions, then either the
>> authors *meant* them, or they need to be removed. This is (literally)
>> the same thing as declaring
>> '__allow_access_to_unprotected_subobjects__ = 0' in your class.
>>
>
> Plone itself doesn't AFAICS. Third party applications may, like the one
> I was talking about. The unfortunate coincidence is that these apps work
> fine with Zope up to 2.7.2.
This would be a good time for those apps to convert to usubg
'getToolByName'. E.g., instead of:
tool = context.portal_sometool
they should be doing:
from Products.CMFCore.utils import getToolByName
tool = getToolByName(context, 'portal_sometool')
'getToolByName' already does the Right Thing here, because it uses
'aq_get' to find the tool.
Tres.
--
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the Zope-Dev
mailing list