[Grok-dev] grok.define_role

Luciano Ramalho luciano at ramalho.org
Wed Jul 25 13:17:31 EDT 2007

On 7/25/07, Jan-Wijbrand Kolman <janwijbrand at gmail.com> wrote:
> I wonder if we want Grok to have something like:
>   grok.define_role('my.rolename', permissions=('my.editpermission',
> 'my.whateverpermissions'))


> Or would this tie Grok to much to the default Zope security policy?

Making sensible defaults is in the spirit of agility, right? And the
default Zope 3 security policy is sensible.

For the developers of Rails, such choices are harder. Since they have
no underlying framework like we do, the risk of boxing-in the end
developer is greater for them.

In Grok I think we can offer one preferred way without fear, because
the end developer always has the option of going the Zope 3 way if
more flexibility is needed.


More information about the Grok-dev mailing list