On Wed, Dec 16, 2009 at 9:27 PM, Bjorn Tillenius <[email protected]> wrote: > On Wed, Dec 16, 2009 at 10:29:53AM +0100, Henning Eggers wrote: ... >> Adi suggested today that it would be less confusing if we had all the >> security related code in security.py and use the checkers from model >> code, i.e. calling something like >> "OnlyRosettaExpertsAndAdmins(self).checkAuthenticated(user)". > > I think you're on a slipperly slope here. Basically what you want to do > is to replace things like (using pseudo code here): > > if user_is_admin() or user_is_rosetta_expert(): > do_things() > > with: > > if user_is_admin_or_rosetta_expert(): > do_things() > > I.e., you want to take an if condition and replace it with a function. > Instead of using Python's 'or' key word, you want to construct text > strings. Your example is simple, but what happens when you need to add > a condition?
The other thing is that the function's external API is pre-supposing certain policy decisions. It's much better to name the function after what you actually _want_ rather than the mechanism for figuring it out. e.g. can_translate() rather than user_is_admin_or_rosetta_expert() An example from the package branches extravaganza: rather than checking Branch.product is None, we now check Branch.supportsMergeProposals() (or something like that). jml _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
