On Monday 09 August 2010 22:48:20 Paul Hummer wrote: > On Mon, 9 Aug 2010 17:24:16 -0400 > > "Francis J. Lacoste" <[email protected]> wrote: > > If you mean protecting the field via premission: TAL expression in > > the view while leaving the underlying model field unprotected, than > > the answer is obvious: don't do that. It means that your fields are > > public in the API. > > > > You really want to protect them via model security. Now you can > > either use an interface to split the permission or declare them as > > attributes in the ZCML. Interface works best when the list of > > attribuets grow. It makes it easier to manage. > > Yeah, I used TAL when I meant ZCML... XML, po-tay-to, po-tah-to, let's > call the whole thing ugly. :)
I vastly prefer using interfaces to set this up, because it means I never need to edit zcml! (well, after the first time) I think it's also nicer to see the permissioning in the interface files next to descriptions etc. _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
