[Zope3-Users] proxied list object in a schema
Tim Terlegård
tim at se.linux.org
Sun Dec 17 08:21:03 EST 2006
Would someone like to explain how to use a list in a schema object
without getting ForbiddenAttribute? This is my use case.
class IChat(Interface):
messages = Attribute('Chat messages')
class Chat(Persistent):
def __init__(self):
self.messages = persistent.list.PersistentList()
<class class=".chat.Chat">
<require permission="zope.View" interface=".interfaces.IChat" />
<require permission="zope.View" set_schema=".interfaces.IChat" />
</class>
I have a Chat class that implements IChat and that is declared in
configure.zcml. Both the chat object and the 'messages' attribute are
proxied automatically, right? The <require /> tags in configure.zcml
adds security declarations to the chat object, but not to the 'messages'
attribute. Am I correct this far?
When I call self.context.messages.append(...) (in a browser page for
IChat) I get ForbiddenAttribute on append. I should get this, so this
is ok. But list or PersistentList has no interface I can use in IChat
instead of Attribute. So I tried using zope.schema.List instead, but
the interface of that was a small subset of what list provides and
doesn't have append either. So I don't know how to add these security
declarations to the 'messages' attribute.
How can I use a list without getting security proxy problems? Do I have
to make my own list implementation and interface?
Tim
More information about the Zope3-users
mailing list