Re: [Zope-CMF] Extending FTI.isConstructionAllowed
Previously yuppie wrote: After (re)reading all the comments and having a closer look at the code I came to these conclusions: 1.) CMF 2.1 checks two different restrictions: allowType() and isConstructionAllowed(). PortalFolderBase._verifyObjectPaste just checks allowType() because in CMF 2.1 isConstructionAllowed() does basically the same permission check as CopyContainer._verifyObjectPaste. Changing isConstructionAllowed() without changing PortalFolderBase._verifyObjectPaste creates inconsistent behavior. The _checkWorkflowAllowed change and your branch are both broken. That sounds like there is some opportunity for code sharing there. 2.) The distinction between allowType() and isConstructionAllowed() was clear in CMF 2.1: allowType() checked a cheap, not permission related CMF specific restriction. isConstructionAllowed() checked generic permission related restictions. The new restrictions _checkWorkflowAllowed and ITypeConstructionFilter don't fit in one of these two categories. Is there a reason that the two have to be separate? What is the downside of one call that does all necessary checks? 3.) I was wrong about comparing isConstructionAllowed with checkFactory and checkObject. These are used for checking general container constraints, not for checking user specific permissions. checkFactory doesn't work for CMF because it doesn't take the portal type as argument. Right. My conclusion: allowType() and isConstructionAllowed() are both the wrong place for checking additional restrictions. But allowType() could become part of a more general precondition that could be checked by checkObject and a new checkPortalType (=CMF specific checkFactory) function. How do you see this working? If it's simple enough I might have enough time to work on it this week. Wichert. -- Wichert Akkerman wich...@wiggy.netIt is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests
[Zope-CMF] CMF Tests: 7 OK
Summary of messages to the cmf-tests list. Period Wed Jun 3 12:00:00 2009 UTC to Thu Jun 4 12:00:00 2009 UTC. There were 7 messages: 7 from CMF Tests. Tests passed OK --- Subject: OK : CMF-2.1 Zope-2.10 Python-2.4.6 : Linux From: CMF Tests Date: Wed Jun 3 21:24:44 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011582.html Subject: OK : CMF-2.1 Zope-2.11 Python-2.4.6 : Linux From: CMF Tests Date: Wed Jun 3 21:26:49 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011583.html Subject: OK : CMF-trunk Zope-2.10 Python-2.4.6 : Linux From: CMF Tests Date: Wed Jun 3 21:28:54 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011584.html Subject: OK : CMF-trunk Zope-2.11 Python-2.4.6 : Linux From: CMF Tests Date: Wed Jun 3 21:30:55 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011585.html Subject: OK : CMF-trunk Zope-trunk Python-2.4.6 : Linux From: CMF Tests Date: Wed Jun 3 21:32:55 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011586.html Subject: OK : CMF-trunk Zope-trunk Python-2.5.4 : Linux From: CMF Tests Date: Wed Jun 3 21:34:55 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011587.html Subject: OK : CMF-trunk Zope-trunk Python-2.6.1 : Linux From: CMF Tests Date: Wed Jun 3 21:36:56 EDT 2009 URL: http://mail.zope.org/pipermail/cmf-tests/2009-June/011588.html ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests
Re: [Zope-CMF] Extending FTI.isConstructionAllowed
Hi Wichert! Wichert Akkerman wrote: Previously yuppie wrote: 2.) The distinction between allowType() and isConstructionAllowed() was clear in CMF 2.1: allowType() checked a cheap, not permission related CMF specific restriction. isConstructionAllowed() checked generic permission related restictions. The new restrictions _checkWorkflowAllowed and ITypeConstructionFilter don't fit in one of these two categories. Is there a reason that the two have to be separate? I don't know the reasons, I just can guess. AFAICS it's not absolutely necessary, but using one method would require several changes. What is the downside of one call that does all necessary checks? These come to my mind: - You no longer can use TypeInformation.constructInstance to bypass the allowType() check. PortalFolderBase.invokeFactory checks allowType() before calling constructInstance. - You no longer can call CopyContainer._verifyObjectPaste from PortalFolderBase._verifyObjectPaste without performing redundant permission checks. - Actions have a similar distinction between 'available' and 'allowed'. The new 'add' actions in CMF 2.2 map allowType() and isConstructionAllowed() to 'available' and 'allowed' keys. allowType() and isConstructionAllowed() are both the wrong place for checking additional restrictions. But allowType() could become part of a more general precondition that could be checked by checkObject and a new checkPortalType (=CMF specific checkFactory) function. How do you see this working? If it's simple enough I might have enough time to work on it this week. In CMF we would add a __setattr__.precondition to IFolderish, Plone folders would use a modified interface with a different precondition. The preconditions would implement an interface like this one: class IFolderishPrecondition(Interface): def __call__(container, name, object): Test whether container setitem arguments are valid. Raise zope.interface.Invalid if the object is invalid. def portaltype(container, name, portaltype): Test whether objects provided by the portal type are acceptable Return a boolean value. _verifyObjectPaste would use checkObject, other places where currently allowType() is used would use a new checkPortalType function. Does that make sense to you? Cheers, Yuppie ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests
