[Grok-dev] Re: Grok component reuse in the Zope 3 world (was Re: Re: ANN: megrok.quarry)

Martijn Faassen faassen at startifact.com
Sun May 6 15:14:37 EDT 2007


Hey Gary,

[meta discussion about the debate]

Thanks for replying back. I think this discussion has helped both you 
and myself to articulate some points better, and hopefully has now 
communicate some of these points to any readers we still have left on 
this thread. :)

Gary Poster wrote:
[snip]
> So, the rest of my reply, and debate, is out of politeness, really, 
> since you have taken the time to think and write back. :-)  My goal has 
> been met as best as I had hoped it to be met, realistically.  You know I 
> don't stick my head up in the community too much, and a big reason is 
> that I don't have much time at home or work for it.  I respect your time 
> too, so I want to "talk back".  But, heh, if you don't give another 
> thought-provoking reply in return I won't mind. ;-)

Thanks for the appreciation! I think we understand each other better 
now. I think so because my reply is more about details and explanations 
than about debating anything. :)

[snip]
>> * I think the problem might in fact be smaller than you suspect. ZCML 
>> statements produce configuration state, just like grokking does. You 
>> should be able to produce with ZCML statements whatever registrations 
>> that Grok can produce through grokking. You would still need to depend 
>> on base classes provided by Grok, though.
> 
> So, Grok uses the underlying configuration machinery that ZCML uses, 
> with two steps so you can override registrations and detect conflicts 
> and so on, and Grok and ZCML manipulate the same data structure in the 
> first stage, and therefore ZCML can override Grok registrations and vice 
> versa?  If so, hooray.  That would allay many fears.

Unfortunately, not yet. I can however truthfully say this has been our 
plan since the very beginning. :)

We haven't done this yet out of expedience - we didn't want to spend a 
lot of time up front to make this happen while we didn't really know yet 
what Grok would look liked from a higher level perspective. So, right 
now we directly use the component architecture's APIs. I think that this 
  was the right decision at the time.

I also think we know enough now to start the process of getting this 
done now, though. This means we may need to do some work on the Zope 3 
end, to produce a python API for issuing configuration actions, and 
possibly get ZCML to reuse that same API. Possibly we can get away with 
doing less. We haven't explored the problem enough yet to know, but we 
are bound to find out when we try.

> One that would not be allayed is that, where ZCML allows separate files 
> so you can mix and match what you want to import and use, AFAIK you can 
> either grok a package or not.  But that's a pretty trivial complaint if 
> you are using the underlying ZCML configuration machinery.

Right, I hope we can take care of these concerns by other mechanisms 
(such as tagging).

> I snipped out a lot above and below because the above is basically my 
> response to big chunks of it, and I was repeating myself.
> 
>>>> Is it because a grok-based component wouldn't include enough 
>>>> security declarations? (because in grok you don't need to). That's 
>>>> the only thing I can think of. It's a hard one to solve, as writing 
>>>> code with a lot of permissions sprinkled around is a major pain Grok 
>>>> tries to get rid of.
>>> Certainly that's an issue.  Especially given that security changes 
>>> can be very important to us, as I alluded above.  If grok security 
>>> assumptions pervade a bit of code, it's almost certain that I can't 
>>> use it.
>>
>> I'd argue it's the other way around - normal Zope 3 usage has security 
>> assumptions spread throughout the code.
> 
> Certainly there are security assumptions spread throughout the code that 
> are different than the Grok approach: Grok wants to do security on 
> view-level, and everything else in Zope 3 doesn't. 

And quite a bit of Zope 3 code is security-neutral - whenever you use a 
utility for instance.

> The Grok approach is 
> appealing for apps that don't have TTW code, and in retrospect might 
> have been a reasonable way to structure the default Zope 3 
> configuration.  Amusingly (to me anyway), though, I actually want the 
> current Zope 3 approach, because I actually have TTW code in some of my 
> apps.

Cool, TTW Zope 3 code, that's the first time I've heard of it being in 
practical use! :) I'm sure Zope 3 developers would be curious to find 
more about this!

> Doesn't effectively Grok make the same kind of security assumptions, but 
> in reverse?  If not, interesting and cool. 

I'm not sure what you mean by this question. We basically only do a 
security check when a view is requested. That is of course a security 
assumption, but not one that tends to be very infectious in code.

> Maybe we ought to make that 
> switch easier to make in Zope core, then.

That would be nice to have. At present we use a hack that keeps turning 
it off during traversal, though Philipp and Christian can tell you more 
about this than I can.

> As you might expect, though, 
> practically, I need it to be easy to keep on using the current Zope 3 
> approach.

Understood.

> Of course, if the Grok-like changes to Zope 3 core would mean, for 
> instance, that objects without security assertions would be assumed to 
> be playing the Grok way, and so implicitly/automatically allowed, that 
> would not be so good for me.

 > The kind of security assumptions I was thinking of in my original
 > comment was assuming a security policy.  Maybe Grok's stuff wouldn't
 > make that a problem, but because AIUI you have changed the security
 > story it would definitely be a task to confirm that.

Grok just rips off security proxies so we don't have to deal with any 
Python-level security policy. We want something similar to Zope 2, where 
filesystem code is trusted.

The security policy with default Grok hasn't changed, just the policy of
introducing security proxies.

We only want the 'grok' package take care of getting rid of security 
proxies. When you develop a grok-based component and want to play nicely 
with non-Grok code (which you should) you'd not depend on the 'grok' 
package directly, so your package would be neutral to security policy.

Two possible problems with this:

* you are not going to make permission declarations in most places. This 
would be a problem for zope 3 code which needs those permissions. 
Hopefully ZCML can be used to introduce them externally where needed.

* Code will make the assumption that you can call anything without 
security getting in the way. This might mean that code is structured in 
a way hard to provide the correct permissions for. Also, obviously no 
removeSecurityProxy anywhere. We can't really require of developers to 
worry about python-level security just for compatibility's sake, as that 
would defeat the point of trying to take away some of those worries from 
them, so this one is hard to solve. Hopefully it doesn't occur too often.

[snip]

>> The problem is that what you're asking is not really doable and have 
>> Grok still be Grok, as I described above in the case of adapters. I 
>> can't separate the adapter registration from the adapter 
>> implementation with Grok:
>>
>> class MyAdapter(grok.Adapter):
>>    grok.context(ITheAdapted)
>>    grok.provides(ISomeInterface)
>>
>> But if you wanted to use ZCML to register this adapter, you'd write 
>> something like:
>>
>> <adapter for="ITheAdapted" factory="module.MyAdapter" 
>> provides="ISomeInterface" />
>>
>> and that should still work.
> 
> [aside]
> 
> In that particular example, isn't that a bit of wheel reinvention?  
> These days, I can do the following:
> 
> class Foo(object):
>     zope.interface.implements(IFoo)
>     zope.component.adapts(IBar)
> 
> and then
> 
> <adapter factory="Foo" />

zope.component.implements will also work, if Foo implements only a 
single interface.

The other wheel reinvention (grok.context instead of component.adapts) 
happens because it's part of the heart of Grok. You can leave out 
grok.context and have it work too, if what you're adapting is a content 
object defined in the same module, or if grok.context() is used on 
module level. Part of the 'convention over configuration' story.

Note that grok.context is not exactly the same as component.adapts, as 
grok.context in the case of views just points to the content object and 
hides the multi adapter details.

That said, we should look into making zope.component.adapts work too.

> or similarly
> 
> @zope.interface.implementer(IFoo)
> @zope.component.adapter(IBar)
> def foo(bar):
>     # ...
> 
> and then
> 
> <adapter factory="foo" />
> 
> Couldn't grok reuse the standard zope.interface and zope.component 
> spellings?

It should at least allow those spellings. I'm a bit worried we'd end up 
having multiple ways to do it, but I think it's worth it in this case, 
if we don't give these spellings too much prominence in the tutorial.

> [...again, snipping bits to which I think I effectively replied...]
> 
>> You're clearly not forcing us to use ZCML instead of other approaches 
>> for our own packages, otherwise we couldn't have written Grok. Why do 
>> you think we would be forcing you if you turn this around and you use 
>> a Grok-based package?
> 
> Well, because, (as I think you acknowledge several times) "you aren't 
> there yet".  As I said at the start, I know you guys are smart, and 
> since you are working towards this, then yay.  As I said, if you are 
> using the underlying Zope configuration stuff that ZCML uses, then many 
> of my most significant worries go away.

Yes, good point of course; we're not there yet. The eggification of Zope 
3 made us realize we need to get there relatively soon. Some of the 
spiritedness of my response can be explained because I was already 
hacking away on martian, which is an important step on the way. It's a 
concern I've been thinking about a lot recently. :)

> Thanks again for your reply.  I'll try to make a quick reply to your 
> next one too, from my response to Lennart. ;-)

And thank you for keeping up the discussion. It's good to have this 
exchange of views and concerns.

Regards,

Martijn



More information about the Grok-dev mailing list