[Zope3-checkins] SVN: Zope3/trunk/src/zope/app/component/hooks.py Merged from ZopeX3-3.0 branch:

Jim Fulton jim at zope.com
Fri Aug 13 16:29:19 EDT 2004 

Log message for revision 27130:
  Merged from ZopeX3-3.0 branch:
  
    r27107 | jim | 2004-08-13 11:39:11 -0400 (Fri, 13 Aug 2004) | 3 lines
  
  Added an explanation for calling removeSecurityProxy. Also changed
  from using trustedRemoveSecurityProxy to using removeSecurityProxy.
  


Changed:
  U   Zope3/trunk/src/zope/app/component/hooks.py


-=-
Modified: Zope3/trunk/src/zope/app/component/hooks.py
===================================================================
--- Zope3/trunk/src/zope/app/component/hooks.py	2004-08-13 20:17:50 UTC (rev 27129)
+++ Zope3/trunk/src/zope/app/component/hooks.py	2004-08-13 20:29:19 UTC (rev 27130)
@@ -23,8 +23,7 @@
 from zope.app.site.interfaces import ISite
 from zope.component.service import serviceManager
 from zope.component.exceptions import ComponentLookupError
-from zope.proxy import removeAllProxies
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.app.traversing.interfaces import IContainmentRoot
 from zope.app.location.interfaces import ILocation
 from zope.app.location import locate
@@ -63,7 +62,15 @@
     if site is None:
         services = serviceManager
     else:
-        site = trustedRemoveSecurityProxy(site)
+
+        # We remove the security proxy because there's no way for
+        # untrusted code to get at it without it being proxied again.
+
+        # We should really look look at this again though, especially
+        # once site managers do less.  There's probably no good reason why
+        # they can't be proxied.  Well, except maybe for performance.
+        
+        site = removeSecurityProxy(site)
         services = site.getSiteManager()
 
     siteinfo.site = site
@@ -84,8 +91,18 @@
     # Deprecated support for a context that isn't adaptable to
     # IServiceService.  Return the default service manager.
     try:
-        return trustedRemoveSecurityProxy(IServiceService(context,
-                                                          serviceManager))
+
+
+        # We remove the security proxy because there's no way for
+        # untrusted code to get at it without it being proxied again.
+
+        # We should really look look at this again though, especially
+        # once site managers do less.  There's probably no good reason why
+        # they can't be proxied.  Well, except maybe for performance.
+
+
+        return removeSecurityProxy(IServiceService(context,
+                                                   serviceManager))
     except ComponentLookupError:
         return serviceManager

More information about the Zope3-Checkins mailing list