[Grok-dev] Re: grok.Permission and grok.Role

Jan-Wijbrand Kolman janwijbrand at gmail.com
Thu Sep 20 08:10:54 EDT 2007

Jan-Wijbrand Kolman wrote:
> I have implemented your suggestion on the 
> jw-proper-components-for-role-permission branch.
> Permssion definitions now look like:
>   class MyPermission(grok.Permission):
>     id = 'my.permission'
>     title = u'My Permission' # should this be optional?
>     description = u'When you're allowed to foobar' # optional
> Role permission now look like:
>   class MyRole(grok.Role):
>     id = 'my.role'
>     title = u'My Role' # should this be optional?
>     description = u'When you're a Bazqux' # optional
>     grok.permissions('my.permission', ...)
> There's no realy "grokified' error reporting yet when you forget about 
> the id and/or title attribute on your permission and role classes.
> I'll merge this with the trunk after I get feedback on this change.

I did get feedback on this branch indeed. Martijn and I have been 
discussing the implementation on the branch and we came to the following 
two conclusions:

* It might be better (after all) to have a grok.Role and grok.Permission 
classes that directly subclass from zope.app.securitypolicy.role.Role 
and zope.security.permission.Permission.

* Let's consistently use the grok.name/grok.title/grok.description 
directives like Martijn proposed in the "proposal: grok.title() and 
grok.description()" thread.

Current status:

1) I can remove the jw-proper-components-for-role-permission branch 
without merging anything from it.

2) I have updated the trunk to create and register "real" Permission and 
Role instances, since the grok.Role and grok.Permission are now 
subclasses from zope.app.securitypolicy.role.Role and 

This update did not need any change in the tests. Thus, it is my 
expectation that code that currently uses the grok.Permission and 
grok.Role components will continue to work without a change.

Kind regards,

More information about the Grok-dev mailing list