[Zope3-dev] RFC: Heads up! Major changes coming!

[Jim Fulton]

Steve Alexander wrote:
> 
> Jim Fulton wrote:
> >
> >       <zmi:factory permission_id=".Contact.ManageContacts"
> 
> That should be "ZopeProducts.Contact.ManageContacts", right?

Right. Thanks.

> >       <security:allow interface=".Contact.IContactInfo."
> >                       permission_id="Zope.View" />
> >       <security:allow method="update"
> >                       permission_id=".Contact.ManageContacts"/>
> 
> I like Guido's suggestion of require, so we'd get:
> 
>         <security:require permission_id="Zope.View"
>                           interface=".Contact.IContactInfo." />
>         <security:require permission_id=".Contact.ManageContacts"
>                           method="update" />
> 
> Surely "method" should be "names" now that we have name-based security ?

Right, although by the end of the week this will be attributes, or maybe 
forAttributes. :)
 
> > - I really like the idea of explicitly defining the pages provided by
> >   views and having the pages appear as pages on the content. This
> >   makes page construction feel more natural, eliminating the extra URL
> >   step for the view.
> 
> +1, but will the old way still be permitted? Or is that gone completely?

There's certainly not going to be anything preventing the old way, 
but I think the new way will be the common way.

> >   This also eliminates the need to traverse the view and for the view
> >   to control traversal. There's no need for the magic in
> >   AttributePublisher.
> 
> I guess the old way is gone for good then.

It will be possible, but I won't talk about it.

Plus, maybe a bunch of people won't like the new way and will 
speak up soon. ;)
 
> >   I'd like to make this view style the default.
> 
> Please!
> 
> >   Given this, I wonder if we should switch to the namespace syntax
> >   used by XPath (and perl and C++ ;)::
> >
> >      aFolder/view::grants.html
> >
> >   This syntax is a little nicer looking (to me :) and doesn't mess
> >   with the file-extension. The only downside is that we'd have to
> >   disallow ids/names that begin with identifier characters followed by
> >   "::". I expect that this limitation would be acceptable.
> 
> +1
> 
> It would still be possible define a custom traversal that would have
> different rules, right?

Well, yes, except that the normal namespace syntax will be handled by standard
frameworks so that custom code doesn't have to deal with it.

I suspect that some people just won't be able to stand namespace qualification, 
at least for views and will prefer to have traversers that make explicit namespace
selection for views unnecessary, at the risk of name conflicts. Of course, this
only applies to containers (in the general sense).

Jim

--
Jim Fulton           mailto:jim@zope.com       Python Powered!        
CTO                  (888) 344-4332            http://www.python.org  
Zope Corporation     http://www.zope.com       http://www.zope.org