[Grok-dev] Grok and permissions

Sebastian Ware sebastian at urbantalk.se
Sun Jan 13 11:49:43 EST 2008

13 jan 2008 kl. 12.33 skrev Luciano Ramalho:

> On Jan 13, 2008 7:56 AM, Sebastian Ware <sebastian at urbantalk.se>  
> wrote:
>> I think the example looks great!!! However, I would find easier to
>> follow if each class and method had a text explaining what goes on  
>> and
>> pointing out what (not obvious) design choices you made. You are
>> showing lots of great techniques that are useful.
> Thanks, Sebastian. I will add more docstrings and comments to the  
> code.
>> What happened to the annotations? Did you remove them for the time
>> being?
> No I didn't. Why do you ask?

Because I expected to find a reference to the grok.Annotation base  
class somewhere. Now I see that you have implement the annotations  
through the [class UserDataAdapter(object)] in [interfaces.py].

I think you will find that it is a lot easier using grok.Annotation.  
This is what I added to my application in order to create an edit  
history using annotations (used the doctests for grok.annotation to  
understand how to implement it), the code to annotate principals will  
obvously be simpler:

class IProtonEditHistory(Interface):
     This is the edit history annotation.
     def addEdit(description, data):
         """ Add an edit to the edit history. """
     def getEdits():
         """ Get a list of edits. """

from BTrees.OOBTree import OOTreeSet
from zope.security.management import getInteraction
class ProtonEditHistory(grok.Annotation):

     def __init__(self):
         self._edits = OOTreeSet()

     def addEdit(self, description, data):
         interaction = getInteraction()
         ids = [ p.principal.id for p in interaction.participations ]
         edit = {
             'user_id': ids[0],
             'datetime': datetime.datetime.now(),
             'description': description,
             'data': data


     def getEdits(self):
         l = list(self._edits)
         l.sort(lambda x, y: cmp(x['datetime'], y['datetime']))
         return l

@grok.subscribe(ProtonObject, grok.IObjectModifiedEvent)
def create_edit(obj, event):
     history = interfaces.IProtonEditHistory(obj)
     desc = []
     if len(event.descriptions) == 0:
         attr = None
         desc.append('Uppdaterade... ')
         for descr in event.descriptions:
             desc.append(", ".join(descr.attributes))
             attr = list(descr.attributes)
     history.addEdit(''.join(desc), attr)

mvh Sebastian

> But I last night I started work on a simpler version of the LoginDemo
> which will not use annotations; user accounts will be stored in plain,
> unnatotated InternalPrincipals. That will cut a few dozen lines of
> code and make it more focused. However, the fact that adding just a
> little email field to a user is so complicated shows one weakness of
> the current Zope API.

If you use grok.Annotation I think you will find this to be a lot  
better :) but maybe you can make it simpler still.

>> I am not sure that this is too difficult. Basically, you have  
>> create a
>> template/recipe that a newbie can use to get up to speed with user
>> management. I think that is a good solution because it doesn't hide
>> the power, but makes it accesible.
> I agree that new examples/recipes are always good. But I still think
> this user facilities should be easier to use in Grok. Leo and I will
> work on a proposal to improve that this next week.
>> Also, I didn't get where you defined the permission
>> "grok.require('logindemo.ViewMemberListing')", or is that  
>> unnecessary?
> That permission is defined in the first page of app.py, like this:
> class ViewMemberListing(grok.Permission):
>    grok.name('logindemo.ViewMemberListing')
> The permission is assigned to new users in the join method of the Join
> view (app.py).

Right, I didn't see it at first.

> Best regards,
> Luciano

mvh Sebastian

More information about the Grok-dev mailing list