[Zope3-dev] Zope3 comments and questions.
Jim Fulton
jim@zope.com
Tue, 11 Dec 2001 13:27:35 -0500
Chris Withers wrote:
>
...
> > You can protect the methods directly. You don't *have* to use an interface.
> > If you feel you must use interfaces to make security assertions, then you
> > will need to factor the inerfaces so that they don't overlap. For example, the
> > IContactEdit interface could be factored so that it extended IContactInfo and
> > IContactUpdate, where IContactUpdate provided only the update method. Then you
> > could use IContactUpdate in your security assertion.
>
> Ah, okay, so, in short, from my point of view, don't use interfaces to make
> security assertions ;-)
If interfaces can capture what you want cleanly, then I agree.
It will be quite commonfor components to implement one interface
and need simple protection. In this case, using the interface
is very handy.
> (do Zope 3 internals use interfaces to make security assertions?)
You ask that as if there were many internals. We're not very far
along yet. I'm sure they will use interface-based security assertions
if they don't already.
Jim
--
Jim Fulton mailto:jim@zope.com Python Powered!
CTO (888) 344-4332 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org