[Zope] Access Control vs Publishing Protoco

Seb Bacon sebbacon@email.com
Tue, 10 Oct 2000 12:32:31 +0100


> > .... This is because the thing which makes
> > the problem hard is that something like standard_html_header
> > wants to be
> > editable by Managers TTW, which means it also has to be visible TTW.
> > However, it's probably not something you want exposed to anonymous
> > users, especially as a TTW entity in its own right. objectIds is my
> > other favourite example ;-)

OK, I'm still a newbie, and in particular I have yet to get my head round
Zope security properly.  But I'm going to attempt to comment on this anyway.

For me, the 'visibility' problem is a real bugbear.  Apart from the
'security' issue of anon. users being able to list objectIds, it means I am
loath to allow clients to manage their sites through the manage interface.
This is because they'll see it littered with methods which pop up a login
box whenever they click on them.  It looks horrible and unprofessional.

Anyway, I agree with Dieter / Chris.  Adding a 'URL Traversable'
('listable'?) permission to all objects and then tweaking methods that do
the traversing (objectIds, objectValues) would presumably fix this?  Would
this be easy?  I've never had a look at the security internals, but I'm
looking forward to having a go...

Chris W was talking about adding security on a protocol level as well as an
object level, but I can't really see why you would only want to be able to
edit a document through WebDAV but *not* TTW.  In my mind, you're either
authenticated to do a task, or you're not.  It doesn't matter *how* you do
it.  That's why 'listable' or something like it would be a better name for
the permission than 'URL Traversable', IMHO (although they both sound
*ugly*).  Someone mentioned they found the FTP access permission useful -
I'd be interested to know how / why.

seb.
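The 'listable' permission the post proposes, modelled as an added toy example (this is not Zope's own security machinery, and the permission names, the `Obj`/`Container` classes and the `roles` argument are all assumptions made for illustration). The point it shows is the split the thread is after: standard_html_header stays viewable to anonymous users so pages render, and editable by Managers, but anonymous callers of objectIds() no longer see it listed, because listing is checked as its own permission independent of how the request arrived.

```python
# Added illustration, not Zope code: a container whose listing methods
# (objectIds / objectValues) filter on a separate "List objects" permission,
# while traversal/publishing still checks the ordinary "View" permission.
from dataclasses import dataclass, field

# Hypothetical permission names standing in for the post's 'listable' / 'URL Traversable'.
LIST = "List objects"
VIEW = "View"
EDIT = "Change DTML Methods"


@dataclass
class Obj:
    """A published object carrying a permission -> allowed-roles mapping."""
    id: str
    perms: dict = field(default_factory=dict)

    def allows(self, perm: str, roles) -> bool:
        # Granted if any of the caller's roles holds the permission.
        return bool(self.perms.get(perm, set()) & set(roles))


class Container:
    def __init__(self):
        self._objects = {}

    def add(self, obj: Obj) -> None:
        self._objects[obj.id] = obj

    def objectIds(self, roles):
        # Only objects the caller may *list* are enumerated; the rest stay invisible
        # to the manage screens and to anonymous directory listings.
        return [oid for oid, o in self._objects.items() if o.allows(LIST, roles)]

    def objectValues(self, roles):
        return [self._objects[oid] for oid in self.objectIds(roles)]

    def traverse(self, oid: str, roles) -> Obj:
        # Publishing path: the object need not be listable, only viewable.
        o = self._objects.get(oid)
        if o is None or not o.allows(VIEW, roles):
            raise PermissionError(f"cannot view {oid!r}")
        return o

    def can_edit(self, oid: str, roles, protocol: str = "http") -> bool:
        # Protocol is deliberately ignored: authorised for the task or not,
        # regardless of whether it arrives TTW, via WebDAV or FTP.
        return self._objects[oid].allows(EDIT, roles)


def build_site() -> Container:
    """Constructed sample site, modelling the objects named in the thread."""
    site = Container()
    site.add(Obj("index_html", {VIEW: {"Anonymous", "Manager"},
                                LIST: {"Anonymous", "Manager"},
                                EDIT: {"Manager"}}))
    # Must be viewable by everyone (pages include it) and editable by Managers,
    # but should not appear in listings for anonymous users.
    site.add(Obj("standard_html_header", {VIEW: {"Anonymous", "Manager"},
                                          LIST: {"Manager"},
                                          EDIT: {"Manager"}}))
    site.add(Obj("secret_draft", {VIEW: {"Manager"},
                                  LIST: {"Manager"},
                                  EDIT: {"Manager"}}))
    return site


if __name__ == "__main__":
    site = build_site()
    print("anonymous sees:", site.objectIds(["Anonymous"]))
    print("manager sees:  ", site.objectIds(["Manager"]))
    print("header renders for anonymous:", site.traverse("standard_html_header", ["Anonymous"]).id)
```

Running it, an anonymous caller's objectIds() returns only index_html, while a Manager sees all three; traversing to standard_html_header still works for anonymous users, so page rendering is unaffected, and the edit check gives the same answer whichever protocol string is passed.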