Re: [Repoze-dev] Model-based vs. view-based security

2010-07-29 Thread Free Ekanayaka
Hi Tim, |--== On Thu, 29 Jul 2010 07:36:57 +0800, Tim Hoffman zutes...@gmail.com said: TH Hi 2) With the security proxy machinery I can have a view that conditionally displays certain HTML elements (like form fields) depending on the permissions that the accessing user has on the

Re: [Repoze-dev] Model-based vs. view-based security

2010-07-29 Thread Free Ekanayaka
Hi Chris, |--== On Wed, 28 Jul 2010 12:38:30 -0400, Chris McDonough chr...@plope.com said: CM Thanks for asking this question, by the way, I have added it (and a CM variation on my answer) to the design defense documentation that is CM present in BFG: CM

Re: [Repoze-dev] Model-based vs. view-based security

2010-07-29 Thread Charlie Clark
Am 29.07.2010, 10:25 Uhr, schrieb Free Ekanayaka free.ekanay...@gmail.com: I agree that model objects and forms are not generally tight together, even though I'd argue that virtually every web application will need basic CRUD for the core entities. Form inference via schema adapter should

Re: [Repoze-dev] Model-based vs. view-based security

2010-07-29 Thread Tim Hoffman
Hi TH I use a UML modeling tool to generate all my models and form schemas so I TH tend not to write much code in these entities. That's interesting, any pointer/link for this specific tool? I am using enterprise architect. http://www.sparxsystems.com.au/ It can actually reverse