Re: [Zope-dev] Request for amplification on new Product permissions API.
Brian Lloyd wrote: > Yes - basically any class that defines *or inherits from a > class that defines* permissions should do this to make sure > that the permissions along the inheritance heirarchy are > cobbled together correctly at class initialization time. I'm sure someone said recently that this got called autmoatically for you if you forgot... Hmm, Squishdot's worked fine without it AFAIK up until now. Is this only really required in 2.2, or even then not entirely? cheers, Chris PS: It's not ZClass basses or something else that require it? Just cheking I'm not being too dense... ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Request for amplification on new Product permissions API.
> > > > Are you calling: > > > > Globals.default__class_init__(MyBasketClass) > > > > on your Basket class? This is (poorly documented but) > > necessary for permissions declared in __ac_permissions__ > > to be correctly initialized. > > Should I have this in Squishdot too? > > Chris Yes - basically any class that defines *or inherits from a class that defines* permissions should do this to make sure that the permissions along the inheritance heirarchy are cobbled together correctly at class initialization time. Brian Lloyd[EMAIL PROTECTED] Software Engineer 540.371.6909 Digital Creations http://www.digicool.com ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Request for amplification on new Product permissions API.
Brian Lloyd wrote: > > > So, what do I need to do to allow controlled access to this object? > > I understand that Shopper, inheriting from SimpleItem, already has > > the access to unprotected subobjects flag. And I'd rather protect > > the object correctly, anyway . I tried adding an ac_permissions > > structure to the class, giving View permission to the attribute > > that is throwing the unauthorized error, but that doesn't seem to > > have changed the behavior. > > Are you calling: > > Globals.default__class_init__(MyBasketClass) > > on your Basket class? This is (poorly documented but) > necessary for permissions declared in __ac_permissions__ > to be correctly initialized. Should I have this in Squishdot too? Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Request for amplification on new Product permissions API.
On Fri, 7 Jul 2000, Brian Lloyd wrote: > Are you calling: > > Globals.default__class_init__(MyBasketClass) > > on your Basket class? This is (poorly documented but) > necessary for permissions declared in __ac_permissions__ > to be correctly initialized. Poorly? Only three classes seem to use this in the base Products: MailBase in MailHost, Draft in OFSP, and ZCatalog. I've added a call to this method to the end of the file that defines this class. My __ac__permissions__ structure assigns 'View' privilege to the 'items' method. I still get an unauthorized error when the dtml tries to access that method on the subobject. --RDM ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Request for amplification on new Product permissions API.
> So, what do I need to do to allow controlled access to this object? > I understand that Shopper, inheriting from SimpleItem, already has > the access to unprotected subobjects flag. And I'd rather protect > the object correctly, anyway . I tried adding an ac_permissions > structure to the class, giving View permission to the attribute > that is throwing the unauthorized error, but that doesn't seem to > have changed the behavior. Are you calling: Globals.default__class_init__(MyBasketClass) on your Basket class? This is (poorly documented but) necessary for permissions declared in __ac_permissions__ to be correctly initialized. Brian Lloyd[EMAIL PROTECTED] Software Engineer 540.371.6909 Digital Creations http://www.digicool.com ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )