[Zope-dev] Zope.pipeline proposal

Dan Korostelev nadako at gmail.com
Wed Feb 25 11:52:06 EST 2009


2009/2/25 Martijn Faassen <faassen at startifact.com>:
> One area that I'd like to see support for is some easy way to turn off
> security proxies. It's rumored there is such a way but with Grok, we
> ended up ripping them off repeatedly anyway. Am I right in that it
> should be possible to put a WSGI endware on top of this whole stack that
> does an explicit security check?

I think so. Currently, the main entry point for security proxies is
the "get root" method of the publication, so if you'll use modified
publication object that don't wrap root object in the ProxyFactory,
you'll rip most of them. However, some things, like trusted adapters
rewrap objects using ProxyFactory, so, maybe we could add some
modifier to the ProxyFactory function that just makes it return object
as is w/o wrapping. This way we could turn off proxies globally
without need to modify code that uses ProxyFactory.

-- 
WBR, Dan Korostelev


More information about the Zope-Dev mailing list