[Zope-dev] Zope 2.12.10, permission zope.Public vs zope2.Public

Sylvain Viollon sylvain at infrae.com
Mon Aug 23 14:04:24 EDT 2010


On Mon, 23 Aug 2010 18:29:55 +0200
Hanno Schlichting <hanno at hannosch.eu> wrote:

  Hello Hanno,

> On Mon, Aug 23, 2010 at 6:13 PM, Sylvain Viollon <sylvain at infrae.com>
> wrote:
> >  In Zope 2.12.10, in permissions.zcml of Five, zope2.Public is
> >  defined. So you can use it in ZCML.
> >
> >  However the code who setup the security in security.py of the same
> >  package doesn't care about zope2.Public, just about zope.Public.
> >
> >  So when you use the permission zope2.Public, your page is not
> > public, and when you use the permission zope.Public, well you get
> > an error as it is not declared.
> >
> >  (I would just rename the permission in the ZCML I think, that will
> >  create errors for users to force them to update their code).
> 
> How is this different from the current situation? We have this in
> site.zcml:
> 
> <meta:redefinePermission from="zope2.Public" to="zope.Public" />
> 

  I dont' really know, probably this meta doesn't work as expected.

  I clearly know from my tests that:

  - with zope2.Public as a permission on my view it was not public
    (anonymous could not access it),

  - if I use zope.Public I got an error that this permission didn't
    exists (while loading the ZCML),

  - and if I defined zope.Public with a permission ZCML tag and used it
    it worked (my view was public for real, anonymous could access it).

  (and I have the same thing in my site.zcml, and I even include
  Products.Five in my ZCML myself).

  Probably I should open a launchpad issue.

  Regards,

  Sylvain,




-- 
Sylvain Viollon -- Infrae
t +31 10 243 7051 -- http://infrae.com
Hoevestraat 10 3033GC Rotterdam -- The Netherlands


More information about the Zope-Dev mailing list