[Zope] Zope2b1 and Zclass permission ... something missing

Michel Pelletier michel@digicool.com
Thu, 29 Jul 1999 09:59:19 -0400


> -----Original Message-----
> From: Kevin Dangoor [mailto:kid@kendermedia.com]
> Sent: Wednesday, July 28, 1999 10:05 PM
> To: Bill Anderson
> Cc: zope@zope.org
> Subject: Re: [Zope] Zope2b1 and Zclass permission ... 
> something missing
> 
> 
> Hi, Bill
> 
>     In a way I feel better that I'm not the only one confused 
> by this :)
> 
> I wrote:    http://www.zope.org/pipermail/zope/1999-July/007365.html
> about the same problem..
> 
> I also ran into what I believe is a permissions related problem adding
> instances of a subclass of a ZClass.
> 
> I've actually given up on beta 1 for the moment, because I'm 
> having so much
> trouble building my classes. The DC guys never fail to 
> impress, though, so
> I'm sure beta 2 will rock.
> 

Well that's a nice compliment.  Note that *alot* of the underlying
permission stuff in ZClasses and products has changed in the beta one.
These changes are documented in the CHANGES.txt.  I would make sure you
review these before we call it a bug.

From CHANGES.txt:

- A number of changes have been made to enhance security
  control in through-the-web-developed products:

  - There are new "Permission" objects that can be added to 
    Products.  Permission objects provide a mechanism for
    defining new permissions. These new permissions show up in
    folder security screens.

  - Factory objects can have permission settings. This affects
    whether items show up in add lists and who can use factories.

  - Objects in products now have permission mapping rather
    than direct permission settings just like ZClass methods.

  - New permissions cannot be defined in ZClasses any longer.
    Rather, ZClasses can select from global permissions,
    including permissions defined with permission objects.

  Here's a sample scenario:

    1. Add a ZClass, "Container" with the option to create a
       factory and constructor methods.

    2. Add a permission object with the permission "Manage
       Containers".

    3. Change the permission of the factory created in step 1
       to "Manage Containers".

    4. Visit the ZClass created in step 1, view the "Define
       Permissions" view and map the "Create class instances"
       permission to "Manage Containers".

    5. Visit the constructor DTML Methods created in step 1,
       view the "Define Permissions" view and map the "View"
       permission to "Manage Containers".

  In this scenario, we created a ZClass and made it addable
  only by users (roles) that have the "Manage Containers" permission.

-Michel

> Kevin
>