[Zope-dev] Help on Zope security needed ...
Joachim Werner
joe@iuveno-net.de
Fri, 3 Aug 2001 03:40:37 +0200
> Just tested it with blank zope 2.3.3
>
> /
> method
> - testfolder
> - userfolder with user test and manager role (just in testfolder!)
>
> The following doesn't work for user test:
>
> http://localhost/method/manage
>
>
> The following _will_ work for user test:
>
> http://localhost/testfolder/method/manage
>
>
> and let's me change method, which is contained
> in zopes root.
>
> Hmm, this shouldn't be so, should it?
No, it shouldn't.
Am starting to think that the Zope security model implementation is a bit
"strange". What I'd need in practice is a security model that
a) is completely predictable (that's what
http://dev.zope.org/Wikis/DevSite/Proposals/SecurityJihad is working on)
b) would normally make sure that somebody in a subfolder can not get access
to anything that is explicitly protected in the parent folder
c) would on the other hand offer the possibility to bind access to a role,
regardless where in the folder hierarchy somebody gets the role.
The problem is with acquisition: If I have an "editButtonsBar" widget in my
root directory, I'd like to make it available to ALL Editors, not just to
the ones who have editor roles in root.
On the other hand, if I have a standard header or footer that should not be
overriden in a subfolder, this should be possible. This means I'd not only
need a permission that can not be bound to roles in the subfolder, but also
a mechanism to prevent overriding the object ...