[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/OFS/Folder/Views/Browser - browser.zcml:1.1.4.1.10.1

Jim Fulton jim@zope.com
Fri, 26 Apr 2002 14:23:15 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/OFS/Folder/Views/Browser
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/OFS/Folder/Views/Browser

Modified Files:
      Tag: SecurityProxy-branch
	browser.zcml 
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:

- You now protect names/operations, *not* values. This means it's as
  easy yo protect data attributes that have simple values as it is to
  protect methods.

- There is no longer a __permissions__ attribute. :)

- There is no longer a validate method in either security managers or
  policies. 

- No more need to have a special compiler for restricted code.
  In exchange, lots of objects are proxies and code sometimes needs to
  be prepared to remove proxies.

In addition:

- Basic objects (None, strings, numbers, etc.) are not wrapped in
  context wrappers.

- There is a test that fails unless Python 2.3 is used.



=== Zope3/lib/python/Zope/App/OFS/Folder/Views/Browser/browser.zcml 1.1.4.1 => 1.1.4.1.10.1 ===
     name=".FolderContents."
     permission_id="Zope.ManageContent" 
-    methods="index, addServiceManager"/>
+    names="index, addServiceManager"/>
      
   <browser:view name="adder"
     for="Zope.App.OFS.Folder.Folder.IFolder."
@@ -22,7 +22,7 @@
   <security:protectClass 
     name=".FolderAdder."
     permission_id="Zope.ManageContent" 
-    methods="index" />
+    names="index" />
 
 
   <!-- Loaded Folder View Directives -->
@@ -34,7 +34,7 @@
   <security:protectClass 
     name=".LoadedFolderContents."
     permission_id="Zope.View" 
-    methods="index, moveObjectsUp, moveObjectsDown, moveObjectsToTop, 
+    names="index, moveObjectsUp, moveObjectsDown, moveObjectsToTop, 
              moveObjectsToBottom" />
 
   <browser:view name="limit"
@@ -44,7 +44,7 @@
   <security:protectClass 
     name=".FolderLimitEdit."
     permission_id="Zope.ManageContent" 
-    methods="index, action, getFieldViews" />
+    names="index, action, getFieldViews" />
 
   <browser:view name="LimitFieldView"
     for="Zope.App.OFS.Container.IContainerLimit."
@@ -58,6 +58,6 @@
   <security:protectClass 
     name=".FolderAdder."
     permission_id="Zope.ManageContent" 
-    methods="index, confirmed, action, listAddableInfo" />
+    names="index, confirmed, action, listAddableInfo" />
 
 </zopeConfigure>