[Zope-Coders] RFC: Death to string exceptions
Tres Seaver
tseaver at zope.com
Tue Nov 18 07:58:10 EST 2003
On Tue, 2003-11-18 at 07:47, Florent Guillaume wrote:
> Stefan wrote:
> > Tres wrote:
> >
> > > As with content_status_modify, should be catching
> > > zExceptions.Unauthorized.
> >
> > I have always used AccessControl.Unauthorized. Am I screwed now?
>
> Argh dammit, what's this with these different Unauthorized classes ? I
> hope nobody ever raises zExceptions.Unauthorized because not much code
> will be able to catch it seeing that everyone uses
> AccessControl.Unauthorized... (which subclasses
> zExceptions.Unauthorized).
Hmm, I didn't realize that those were different classes; I thought they
were aliases. Given that AccessControl.ZopeSecurityPolicy raises the
subclass, while the ZPublisher.{Base,HTTP}Response raises the base
class, application code is definitely better off catching the base
class.
Is the distinction part of the design? Is the following supposed *not*
to be catchable::
REQUEST['RESPONSE'].unauthorized()
while the "normal" unauthorized can be caught?
Tres.
--
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the Zope-Coders
mailing list