[Zope3-dev] Form framework, adapters and pau
Jim Fulton
jim at zope.com
Mon Apr 25 12:58:39 EDT 2005
Dominik Huber wrote:
> Jim Fulton wrote:
>
...
>> Here are 2 other alternatives to consider:
>>
>> 1. Add a "locate" option to the adapter directive, which
>> defaults to false. If true (locate="1"), then a location
>> proxy is always added to the adapter.
>
>
> Yup.
> -1 That's might be *to much explicitness* for dev
I really don't think so.
> 1 and complecates the
> adapter directive too.
Actually, I think it simplifies it a little. It separates trusted-ness
from location-ness.
>> 2. Option 1 but default to true if a non-public permission is
>> specified.
>>
>> These alternatives are explicit and hande the case where
>> permissions are declared in a separate directive.
>
>
> In both sugestions the problem is not solved, that the public permission
> declaration within the adapter directive cannot be adapted to all
> trusted adapters, because the 'valid' security-declartations might be
> registered within an addional <class...
I think you are mistaken. If you declare permissions in a class
directive, you'd use a locate attribute in the adapter
directive, as in:
<adapter factory=".myFactory" trusted="1" locate="1" />
<class class=".myFactory">
<require permission="X" interface="IX" />
...
</class>
In this case you'd get the location even though the adapter
directive doesn't specify a permission.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list