[Zope3-checkins] CVS: Zope3/src/zope/app/publication - browser.py:1.4 configure.zcml:1.4 publicationtraverse.py:1.4
Jim Fulton
jim@zope.com
Tue, 31 Dec 2002 13:27:28 -0500
Update of /cvs-repository/Zope3/src/zope/app/publication
In directory cvs.zope.org:/tmp/cvs-serv1916/src/zope/app/publication
Modified Files:
browser.py configure.zcml publicationtraverse.py
Log Message:
Hold on to your butts! :)
In an effort to make zcml view definitions even easier to understand
(see
http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/ZCMLBrowserViewDirectiveSimplification
)
I've finished a long-overdue refactoring of the configuration
directives for defining views. The logic is now a good bit less
complicated.
I also simplified the way security assertions on views were
handled. To make this work right, I had to fix a bug in the
publication machinery. Now, as objects are traversed, the results of
traversal are put in security proxies. This is really necessary to
treat URLs as "untrusted code", which they are.
I updated the meta-configuration directives for views and ran the zcml
documentation utility, so there is now documentation for the (new)
view directives. See the files 'page', 'pages', and 'view', in
'doc/zcml/namespaces.zope.org/browser'.
I feel these changes are highly desireable for the alpha, but they are
significant enough that the chance of breakage is a lot higher than
I'd like just before the alpha. I'd appreciate it if folks would let
me know if I've broken anything.
=== Zope3/src/zope/app/publication/browser.py 1.3 => 1.4 ===
--- Zope3/src/zope/app/publication/browser.py:1.3 Mon Dec 30 16:44:45 2002
+++ Zope3/src/zope/app/publication/browser.py Tue Dec 31 13:26:57 2002
@@ -24,6 +24,7 @@
from zope.proxy.context import ContextWrapper
from zope.proxy.introspection import removeAllProxies
from zope.publisher.interfaces.browser import IBrowserPublisher
+from zope.security.checker import ProxyFactory
class PublicationTraverser(PublicationTraverser_):
@@ -36,6 +37,7 @@
if adapter is None:
return ob
ob, path = adapter.browserDefault(request)
+ ob = ProxyFactory(ob)
if not path:
return ob
@@ -57,9 +59,10 @@
else:
return (ob, None)
- if r[0] is ob: return r
+ if r[0] is ob:
+ return r
- wrapped = ContextWrapper(r[0], ob, name=None)
+ wrapped = ContextWrapper(ProxyFactory(r[0]), ob, name=None)
return (wrapped, r[1])
# For now, have a factory that returns a singleton
=== Zope3/src/zope/app/publication/configure.zcml 1.3 => 1.4 ===
--- Zope3/src/zope/app/publication/configure.zcml:1.3 Mon Dec 30 18:50:30 2002
+++ Zope3/src/zope/app/publication/configure.zcml Tue Dec 31 13:26:57 2002
@@ -14,7 +14,7 @@
<browser:view
name="_traverse"
for="zope.app.interfaces.content.file.IFileContent"
- factory="zope.app.publication.traversers.FileContentTraverser"
+ class="zope.app.publication.traversers.FileContentTraverser"
permission="zope.Public"
/>
=== Zope3/src/zope/app/publication/publicationtraverse.py 1.3 => 1.4 ===
--- Zope3/src/zope/app/publication/publicationtraverse.py:1.3 Sat Dec 28 12:49:29 2002
+++ Zope3/src/zope/app/publication/publicationtraverse.py Tue Dec 31 13:26:57 2002
@@ -20,6 +20,7 @@
from zope.publisher.interfaces import NotFound
from types import StringTypes
from zope.proxy.context import ContextWrapper
+from zope.security.checker import ProxyFactory
from zope.app.interfaces.container import IWriteContainer
from zope.proxy.introspection import removeAllProxies
@@ -53,7 +54,7 @@
if ns:
ob2 = namespaceLookup(name, ns, nm, unknown_parms, ob, request)
- return ob2
+ return ProxyFactory(ob2)
if unknown_parms:
nm = "%s;%s" % (
@@ -78,7 +79,7 @@
else:
raise NotFound(ob, name, request)
- return ContextWrapper(ob2, ob, name=name)
+ return ProxyFactory(ContextWrapper(ob2, ob, name=name))
class PublicationTraverser(PublicationTraverse):