[Zope3-dev] Attributes in content components

[Steve Alexander]

Hi folks,

I like the idea of using both attributes and methods in content 
components, as used in the Job Board application.

I'm trying to work out how this would tie in with security. Would the 
attributes need to be considered like properties, and optionally have 
different permissions for reading the attribute, and writing the attribute?

In some sense, I feel that the attributes of a content component that 
are part of its public interface are more like properties. They can be 
implemented using Python properties, and the simple attribute can be 
thought of as a special case of a very simple property.


I guess that permissions can be attached to attributes by having the 
same mechanism that adds a __permission__ to methods handle attributes 
by replacing the attribute by a descriptor that acts like a property, 
but also has slots for read and write __permission__.

(ref. lib/python/Zope/App/Security/protectClass.py)

--
Steve Alexander