[Zope-dev] Re: granting access to a single attribute with declarative security

Chris McDonough chrism@zope.com
Fri, 11 Jan 2002 09:53:25 -0500


This has been used to solve the problem seen by Michael when iterating 
over items and getting "meta_type" where the sessioning objects were in 
the list of items being iterated over.

Michael R. Bernstein wrote:

> On Wed, 2002-01-09 at 10:13, Wolfram Kerber wrote:
> 
>>>I didn't think you could have more than one
>>>setDefaultAccess in a class. If you can, then you can set:
>>>
>>>security.setDefaultAccess('deny')
>>>security.setDefaultAccess({'meta_type': 1})
>>>
>>The last 'setDefaultAccess' statement in a class will define the actual
>>behaviour, i.e use only one.
>>
>>
>>>But otherwise, you would have to list all attributes of the class in the
>>>dict of a single statement, wouldn't you?
>>>
>>No, all attributes that aren't in the dict are private.
>>
> 
> Thanks, Wolfram. That was very informative.
> 
> This will let classes that use declarative security have a deny by
> default policy, while still allowing access to certain attributes for
> backward compatibility.
> 
> Michael Bernstein.
> 
>