[Zope3-checkins] SVN: Zope3/branches/ZopeX3-3.0/src/zope/app/component/hooks.py Added an explanation for calling removeSecurityProxy. Also changed

Jim Fulton jim at zope.com
Fri Aug 13 11:39:11 EDT 2004 

Log message for revision 27107:
  Added an explanation for calling removeSecurityProxy. Also changed
  from using trustedRemoveSecurityProxy to using removeSecurityProxy.
  


Changed:
  U   Zope3/branches/ZopeX3-3.0/src/zope/app/component/hooks.py


-=-
Modified: Zope3/branches/ZopeX3-3.0/src/zope/app/component/hooks.py
===================================================================
--- Zope3/branches/ZopeX3-3.0/src/zope/app/component/hooks.py	2004-08-13 15:35:07 UTC (rev 27106)
+++ Zope3/branches/ZopeX3-3.0/src/zope/app/component/hooks.py	2004-08-13 15:39:11 UTC (rev 27107)
@@ -20,8 +20,7 @@
 from zope.app.site.interfaces import ISite
 from zope.component.service import serviceManager
 from zope.component.exceptions import ComponentLookupError
-from zope.proxy import removeAllProxies
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.app.traversing.interfaces import IContainmentRoot
 from zope.app.location.interfaces import ILocation
 from zope.app.location import locate
@@ -60,7 +59,15 @@
     if site is None:
         services = serviceManager
     else:
-        site = trustedRemoveSecurityProxy(site)
+
+        # We remove the security proxy because there's no way for
+        # untrusted code to get at it without it being proxied again.
+
+        # We should really look look at this again though, especially
+        # once site managers do less.  There's probably no good reason why
+        # they can't be proxied.  Well, except maybe for performance.
+        
+        site = removeSecurityProxy(site)
         services = site.getSiteManager()
 
     siteinfo.site = site
@@ -81,8 +88,18 @@
     # Deprecated support for a context that isn't adaptable to
     # IServiceService.  Return the default service manager.
     try:
-        return trustedRemoveSecurityProxy(IServiceService(context,
-                                                          serviceManager))
+
+
+        # We remove the security proxy because there's no way for
+        # untrusted code to get at it without it being proxied again.
+
+        # We should really look look at this again though, especially
+        # once site managers do less.  There's probably no good reason why
+        # they can't be proxied.  Well, except maybe for performance.
+
+
+        return removeSecurityProxy(IServiceService(context,
+                                                   serviceManager))
     except ComponentLookupError:
         return serviceManager

More information about the Zope3-Checkins mailing list