[Zope3-dev] Security: Do not compare symbolic constants with persistent data using "is"
Casey Duncan
casey_duncan@yahoo.com
Sat, 16 Feb 2002 20:18:10 -0800 (PST)
That was a good catch. I think the original idea was
that these constants might eventually be objects that
also represent booleans or somesuch. Mostly they are
there just as a way to not have to hard code strings
or worse numbers for the three states everywhere.
Anyhow, I think checking for equality is the way to
go. To make this complete, a comment to this affect
should be put in Settings.py, so that if we do make
them into classes some day, we don't foobar it again.
If nobody objects, I can make this change.
-Casey
--- Steve Alexander <steve@cat-box.net> wrote:
> Steve Alexander wrote:
> >
> > I'll check in a fix to ZopeSecurityPolicy, but
> then I need to go to the
> > pub and relax! :-)
>
> Actually, I won't check in a fix now. I think this
> needs a bit more thought.
>
> It could also do with a unit-test...
>
> --
> Steve Alexander
>
>
> _______________________________________________
> Zope3-dev mailing list
> Zope3-dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope3-dev
>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com