[Zope3-Users] Re: Security in Zope 3
Philipp von Weitershausen
philipp at weitershausen.de
Tue Sep 19 06:10:29 EDT 2006
Martijn Pieters wrote:
> On 9/19/06, Chris Withers
> <chris at simplistix.co.uk> wrote:
>> ...because z has two containment paths:
>> ...which might have different security constraints.
>> How does Zope 3 handle the same kind of setup?
> In Zope2 containment is looked up through acquisition, that is,
And it depends on the acquisition chain.
> In Zope3 it is explicit, through the ILocation interface.
> That interface specifies the __parent__ attribute, which normaly
> specifies only one parent, as the current implementations of that
> interface in Zope3 persist this or use a wrapper.
> I a currently running application I store references to objects in
> multiple places without problems just fine. Just be careful to clean
> up when the object gets deleted from it's canonical location (the
> __parent__ object).
Right, objects are suppoed to only have one __parent__ in Zope 3.
Whether or not that __parent__ is actually used to look up security
settings is entirely the decision of the securitypolicy you're using.
YOu can always plug in a different policy that acquires security
declarations in a different way than wlaking up the __parent__ hierarchy.
More information about the Zope3-users