[Zope] securityinfo for a class

Fernando Martins fmartins@hetnet.nl
Tue, 15 Jul 2003 00:28:02 +0200


From: Dieter Maurer
>  > ModuleSecurityInfo('email').declarePublic('Message')
>  > ModuleSecurityInfo('Message').declarePublic('get')
>
> Reread the "README" for "PythonScripts" and the security
> section in the Zope Developer Guide.
>

Hmm, okay. I realise I didn't try something like

 allow_module('DateTime.DateTime')

but I also followed the guidelines in the file module_access_examples.py,
namely the example (adapted to email.Message)

# ModuleSecurityInfo('httplib').declarePublic('HTTP')
# from httplib import HTTP
# allow_class(HTTP)

and I got some error about read only file or similar msg (I'm on windows).

> Watch out for the difference between a module and a class.
>
> The second line seems to indicate that "Message" should be
> a class (as 'get' is an unusual function in a module).
> But you are using "ModuleSecurityInfo".

Indeed, I realised I might have to use something else shortly afterwards but
using ClassSecurityInfo didn't help at all.

> Also: "ModuleSecurityInfo" need a full path to the module,
> something like "email.Message".
>

That's not what is suggested in the examples and I didn't get any error
(like module not found), but probably you're rigth.

Thanks,
Fernando