Hi Tim,

|--==> On Thu, 29 Jul 2010 20:02:11 +0800, Tim Hoffman <zutes...@gmail.com> 


  TH> I am currently finishing the first phase of of a project that uses bobo,
  TH> repoze.what
  TH> and zope.component (oh and a bfg based simple cms).  I have defined groups
  TH> that
  TH> have general permissions on entity types (ie StaffMember has view and edit
  TH> permissions
  TH> on the Apprentice objects) but the specific object being accessed must 
  TH> into the
  TH> specific lecturers (instance of StaffMember) scope.  ie lecturers can only
  TH> view apprentices
  TH> who are enrolled in a course supervised by the lecturer.

  TH> In my application the i apply additional predicates on the actual 
  TH> that
  TH> check scope, but in the main the user could not actually get to an entity
  TH> outside of their scope
  TH> as entities are fetched via model methods, For instance the lecturer can
  TH> only find apprentices
  TH> via the lecturers  supervised_apprentices() method. I don't blindly accept
  TH> entity keys as
  TH> url's get/post values.

This is indeed an interesting pattern, and effectively one I've partly
used myself.

  TH> So I have found the zope[2/3] model level security not necesary (in this
  TH> case) though I am emulating
  TH> some of the capabilities (isOwner ... at the model level.)

  TH> Not saying this is what you should do, but it is working for me.

Thanks for reporting your experience, it helps, as the required security
constraints above are similar to what I have.


Repoze-dev mailing list

Reply via email to