[Zope-dev] Zope 2.12.10, permission zope.Public vs zope2.Public
Sylvain Viollon
sylvain at infrae.com
Mon Aug 23 14:04:24 EDT 2010
On Mon, 23 Aug 2010 18:29:55 +0200
Hanno Schlichting <hanno at hannosch.eu> wrote:
Hello Hanno,
> On Mon, Aug 23, 2010 at 6:13 PM, Sylvain Viollon <sylvain at infrae.com>
> wrote:
> > In Zope 2.12.10, in permissions.zcml of Five, zope2.Public is
> > defined. So you can use it in ZCML.
> >
> > However the code who setup the security in security.py of the same
> > package doesn't care about zope2.Public, just about zope.Public.
> >
> > So when you use the permission zope2.Public, your page is not
> > public, and when you use the permission zope.Public, well you get
> > an error as it is not declared.
> >
> > (I would just rename the permission in the ZCML I think, that will
> > create errors for users to force them to update their code).
>
> How is this different from the current situation? We have this in
> site.zcml:
>
> <meta:redefinePermission from="zope2.Public" to="zope.Public" />
>
I dont' really know, probably this meta doesn't work as expected.
I clearly know from my tests that:
- with zope2.Public as a permission on my view it was not public
(anonymous could not access it),
- if I use zope.Public I got an error that this permission didn't
exists (while loading the ZCML),
- and if I defined zope.Public with a permission ZCML tag and used it
it worked (my view was public for real, anonymous could access it).
(and I have the same thing in my site.zcml, and I even include
Products.Five in my ZCML myself).
Probably I should open a launchpad issue.
Regards,
Sylvain,
--
Sylvain Viollon -- Infrae
t +31 10 243 7051 -- http://infrae.com
Hoevestraat 10 3033GC Rotterdam -- The Netherlands
More information about the Zope-Dev
mailing list