[Zope] Re: implicit vs. explicit ownership?

Jürgen Herrmann Juergen.Herrmann at XLhost.de
Thu Oct 20 10:41:59 EDT 2005


[ Florent Guillaume wrote:]
> Jürgen Herrmann wrote:
>> in AccessControl.Owned.Owned:
>>
>>     def manage_changeOwnershipType(explicit=1, RESPONSE=None,
>> REQUEST=None):
>>         """Change the type (implicit or explicit) of ownership.
>>         """
>>
>> can somebody please explain what's the difference between explicit
>> and implicit here, or provide a rtfm hint?
>
> Note that this is *executable* ownership, about which few people care
> (except those that develop code-like objects).
> Read http://www.zope.org/Members/jim/ZopeSecurity/ServerSideTrojan for
> background.
>
> Here the "implicit" or "explicit" executable ownership is just the fact
> that
> the _owner is acquired from the parent or explicitely set on the object.

thanks for your answer...

hmm, i'm a bit confused now. do you say that changeOwnershipType() only
has to do with "executeable ownership"?
especially i have to know which methods of the IOwned interface are
essential and have to be reimplemented properly on my objects.

...but the fog is clearing up a little bit now, i thought that the
"owner" role would be completely dynamically assigned to a user by
getRolesInContext, now i see that this is done at object creation time
and more than one user can have the local role "owner" on an object.

for my use cases i'd prefer to let getRolesInContext() add the "owner"
role to it's return list if the (runtime and proprietary) owner check
tells it to. any contraindications (besides performance, possibly)?

regards, juergen herrmann
_______________________________________________________________________

>> XLhost.de - eXperts in Linux hosting <<

Jürgen Herrmann
Bruderwöhrdstraße 15b, DE-93051 Regensburg

Fon:  +49 (0)700 XLHOSTDE [0700 95467833]
Fax:  +49 (0)721 151 463027
WEB:  http://www.XLhost.de


More information about the Zope mailing list