On Monday January 26, 2009 16:18:36 Florent Aide wrote:
> a here is the patch that would permit to write the kind of predicates
> I need... Gustavo, what do you think? Is that ok with you to apply
> this on the trunk. You broke compatibility anyway so why not break it
> a little more... :)
Well, I've not broken compatibility since the first stable release and I hope
that won't ever be necessary. I've just deprecated some things for forward
The problem is that people are not expected to evaluate predicates by
themselves using Predicate.evaluate(); that's what check_authorization() is
Therefore, unfortunately it'd be useless that .evaluate() was able to receive
arbitrary arguments and keyword arguments because it will never receive them.
It'll only receive what check_authorization() passes to it (unless you run
.evaluate() by yourself, which is discouraged -- check_authorization() does
some useful things for you unlike plain .evaluate()).
As I mentioned in the previous email, I agree that context-sensitive
authorization should require less code (i.e., not using
paste.request.parse_formvars by yourself). But my concern is how to do it
without breaking compatibility. I'm open to any solution that won't break
In repoze.what v2, the way I'll address this is by passing the POST and GET
variables to .evaluate() too. At least that's the solution I have in mind
Gustavo Narea <http://gustavonarea.net/>.
Get rid of unethical constraints! Get freedomware:
Repoze-dev mailing list