[Zope] Using Access Rules
Jamie Heilman
jamie at audible.transient.net
Fri Apr 30 22:38:10 EDT 2004
Dennis Allison wrote:
> Good thought, but it doesn't fit the dynamics of the situation and does
> not scale. I'm still thinking a path based access permissions approach
> ought to work provided the access controls are hard to disable and
> provided the number of legal access paths is relatively small.
Well if you want to secure access rules further I threw a patch into
the collector ages ago to remove the silly traversal stack semaphore,
its in there somewhere, but if it was me I'd probably write a custom
product for something like this. You need 1 object that can identify
a user, their state, and control the logic behind what they are
presented with next. While that object probably needs to be
traversable, there's no reason the objects representing your data (the
tests/answers) need be.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
-Frank Zappa
More information about the Zope
mailing list