The new dropPermissions could be used wherever the old dropPermissions is being
used currently.
It would be possible to add it to the top of globalvars.vm and it would drop
permissions except that
they could be regained once the document content began being rendered and would
of course go away again
when the document content was finished being rendered.
NOTE: This hinges on http://jira.xwiki.org/jira/browse/XWIKI-4274 being fixed.
I am a bit reserved about the name though since it drops for this "rendering
cycle" so:
{{groovy}}
println('Hello World!');
if (xcontext.get('runOnce')) {
xcontext.set('runOnce', true);
doc.dropPermissions();
doc.getRenderedContent(doc.getContent());
}
{{/groovy}}
would output:
Hello World!
Hello World!
Which means that doc.dropPermissions() is not entirely accurate since the same
document can get
permissions in the same request cycle. It should really be
renderingCycle.dropPermissions() but that
would make no sense to anyone at all. If anyone can think of a better name I'd
be happy to hear it.
Caleb
On 08/13/2011 02:23 AM, Sergiu Dumitriu wrote:
> On 08/10/2011 06:22 AM, Caleb James DeLisle wrote:
>> Right now we have dropPermissions which makes a specific guarantee, there
>> will not be any programming
>> right for the duration of the request cycle.
>>
>> Sometimes a user might want to drop permissions for the duration of the
>> document rendering.
>> This would mean {{include}} macros, $doc.getRenderedContent() would allow
>> permissions to be gained back
>> while the included document was being rendered and after the content of that
>> document is finished
>> rendering, the permissions would be returned.
>>
>> I think it would do more harm than good to break the promise that
>> dropPermissions() makes so I propose
>> adding $doc.dropPermissions() to do this.
>>
>> I think $doc.dropPermissions() vs. $context.dropPermissions() is intuitive
>> and easily explained but if
>> anyone has another suggestion for a name, I'd be glad to hear it.
>
> Can you give me a better example, when would doc.dropPermission be
> needed and context.dropPermission is too much? How would you get back
> rights? And how do you prevent the supposedly sandboxed code from using
> the same mechanism to get back the rights?
>
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
