[Zope] Using Access Rules

[Jamie Heilman]

Dennis Allison wrote:
> Good thought, but it doesn't fit the dynamics of the situation and does
> not scale.  I'm still thinking a path based access permissions approach 
> ought to work provided the access controls are hard to disable and
> provided the number of legal access paths is relatively small.

Well if you want to secure access rules further I threw a patch into
the collector ages ago to remove the silly traversal stack semaphore,
its in there somewhere, but if it was me I'd probably write a custom
product for something like this.  You need 1 object that can identify
a user, their state, and control the logic behind what they are
presented with next.  While that object probably needs to be
traversable, there's no reason the objects representing your data (the
tests/answers) need be.

-- 
Jamie Heilman                     http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
                                                        -Frank Zappa