[Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.
Sidnei da Silva
sidnei at awkly.org
Wed Apr 6 13:34:21 EDT 2005
On Wed, Apr 06, 2005 at 12:49:19PM -0400, Jim Fulton wrote:
| >i.e. will I still write:
| >
| > security.declareProtected(SomePermission, 'foo')
| > def foo(self):
| > ...
|
| That will work, and I don't see a need to deprecate it.
| Eventually, though, I expect products to migrate to
| ZCML-based security declarations.
BTW, Five already allows ZCML-based security declarations, to the
extent supported by Zope 2. You can't protect assigning to instance
attributes by a permission until we move to Zope 3 security
implementation.
| It was/is possible to control access to mapping items
| based on item values (e.g. key values).
Is this related in any way to having a dictionary or callable in
__allow_access_to_unprotected_subobjects__?
I ask because we just started abusing this one *wink*.
--
Sidnei da Silva <sidnei at awkly.org>
http://awkly.org - dreamcatching :: making your dreams come true
http://www.enfoldsystems.com
http://plone.org/about/team#dreamcatcher
<jumpy> we are the knights who say INT! SHORT! and UNSIGGGGGGGGGGGGGGGGNNNNNNNNNNNEDDDDDDDDDDDDD LONNNNNNNNNGGGGGG!
More information about the Zope-Dev
mailing list