[Zope-dev] Five: Creating permissions
Lennart Regebro
regebro at gmail.com
Wed Feb 25 15:19:16 EST 2009
On Wed, Feb 25, 2009 at 16:43, Martin Aspeli <optilude+lists at gmail.com> wrote:
> I think the fact that this workaround is necessary is a bug. The
> <permission /> directive is supposed to be used to declare new
> permissions, but it does not do that fully in Zope 2. An easy bug fix
> would be to put something like this into Five:
>
> <subscriber
> for="zope.security.interfaces.IPermission
> zope.component.interfaces.IRegistered"
> handler=".permissions.create_permission"
> />
>
>
> def create_permission(permission_utility, event):
> permission = permission_utilty.title
> roles = ()
> registered = _registeredPermissions
> if not registered.has_key(permission):
> registered[permission] = 1
> Products.__ac_permissions__=(
> Products.__ac_permissions__+((permission,(),roles),))
> mangled = pname(permission)
> setattr(ApplicationDefaultPermissions, mangled, roles)
>
> The body of this function is copied from CMF's setSecurityInfo.
>
> It'd also be nice if you could set up some app-root roles using the
> <grant /> directive from zope.securitypolicy, though I don't really know
> how that would work yet.
>
> What do you think? Could we put this in as a bugfix?
+1
This has annoyed me too, the subscriber seems like a neat solution.
--
Lennart Regebro: Pythonista, Barista, Notsotrista.
http://regebro.wordpress.com/
+33 661 58 14 64
More information about the Zope-Dev
mailing list