[Grok-dev] Re: 0.14 todo list

Philipp von Weitershausen philipp at weitershausen.de
Tue Jul 29 15:29:27 EDT 2008


Martijn Faassen wrote:
> Hi there,
> 
> Philipp von Weitershausen wrote:
> [snip]
>>> Anything else to put on the list?
>>
>> Model-based security.
> 
> I deliberately didn't put it on the list, as 0.14 will be challenging 
> enough without it. It'd like to get the WSGI stuff in there finally, and 
> that's a huge enough new feature without piling on this.
> 
> Anyway, just a meme correction: Grok *does* have model-based security 
> and always has. We shouldn't go around saying Grok doesn't have it. It 
> doesn't have model-based security *checks*, but it's perfectly possible 
> to assign someone or a group a permission or role on a model.

Not wanting to get into a terminology discussion, but I'd call these 
"model-based grants". This is a feature of Grok's default security 
policy, zope.securitypolicy. By model-based security I meant 
attribute-level protections on models.


More information about the Grok-dev mailing list