[Zope] securityinfo for a class
Fernando Martins
fmartins@hetnet.nl
Tue, 15 Jul 2003 00:28:02 +0200
From: Dieter Maurer
> > ModuleSecurityInfo('email').declarePublic('Message')
> > ModuleSecurityInfo('Message').declarePublic('get')
>
> Reread the "README" for "PythonScripts" and the security
> section in the Zope Developer Guide.
>
Hmm, okay. I realise I didn't try something like
allow_module('DateTime.DateTime')
but I also followed the guidelines in the file module_access_examples.py,
namely the example (adapted to email.Message)
# ModuleSecurityInfo('httplib').declarePublic('HTTP')
# from httplib import HTTP
# allow_class(HTTP)
and I got some error about read only file or similar msg (I'm on windows).
> Watch out for the difference between a module and a class.
>
> The second line seems to indicate that "Message" should be
> a class (as 'get' is an unusual function in a module).
> But you are using "ModuleSecurityInfo".
Indeed, I realised I might have to use something else shortly afterwards but
using ClassSecurityInfo didn't help at all.
> Also: "ModuleSecurityInfo" need a full path to the module,
> something like "email.Message".
>
That's not what is suggested in the examples and I didn't get any error
(like module not found), but probably you're rigth.
Thanks,
Fernando