[ZPT] Are PageTemplateFiles restricted code?
Michael R. Bernstein
mbernstein@codeit.com
28 Feb 2002 11:53:57 -0800
On Thu, 2002-02-28 at 11:18, Evan Simpson wrote:
> Michael R. Bernstein wrote:
> > Damn. How then am I supposed to do:
> >
> > <title tal:content="/here/title">The Title</title>
> >
> > ...when I lock down the class as deny by default with:
> >
> > security.setDefaultAccess("deny")?
>
> Blanket "deny" is likely to be painful in other ways... try this:
>
> ok = {'meta_type':1, 'id':1, 'icon':1, 'bobobase_modification_time':1 }
> security.setDefaultAccess(ok)
Well, Ok. I realize that 'some' attributes need to be accessible to
restricted code (after all, I discovered that browser_id_manager had
this problem).
But I don't want to grant access to ALL of the class attributes in this
way, just to make them available to the class index_html view.
Writing accessor methods for the attributes seems overkill. Filesystem
code should be unrestricted (IMHO), esp. when I'm still in the
prototyping stage. Can we have an UnrestrictedPageTemplateFile ?
Michael.
--
---------------------------------------------------
| Michael Bernstein http://michaelbernstein.com |
| |
| CodeIt Computing http://codeit.com |
---------------------------------------------------