[Grok-dev] Security declarations

Marc Rijken marc at rijken.org
Fri Oct 9 09:46:03 EDT 2009


Hi,

In the security declarations we have to use the name of the permission. 
For me it is more logical and less error sensitive when the string may 
be replaced by the class.

The current situation is:

class FooPermssion(grok.Permission):
     grok.name('foo.permission')
     grok.title('Foo Permission')

class FooRole(grok.Role):
     grok.name('foo.Role')
     grok.title('Foo Role')
     grok.permissions(
         'foo.permission', # string
         )

class FooView(grok.View):
     grok.name('index.html')
     grok.require('foo.permission') # string

My preferred situation is:

class FooPermssion(grok.Permission):
     grok.name('foo.permission')
     grok.title('Foo Permission')

class FooRole(grok.Role):
     grok.name('foo.Role')
     grok.title('Foo Role')
     grok.permissions(
         FooPermission,  # class instead of string
         )

class FooView(grok.View):
     grok.name('index.html')
     grok.require(FooPermission) # class instead of string

What do you think?

Regards,

Marc


More information about the Grok-dev mailing list