On Sun, 30 Jul 2000 10:38:44 +0100, Chris Withers [EMAIL PROTECTED]
wrote:
Dieter Maurer wrote:
I wonder why starting folders with _ is so bad in Zope?
In the time, when everything was allowed what was not explicitely
forbidden, an easy way was necessary to forbid access. Jim
(and, therefore, Zope) used:
anything starting with "_" is private: no DTML access, no Web access.
Now, with the change to a security policy "Everything is
forbidden when not explicitely allowed", the need for
such a rule based on naming dwindles. Maybe, it will disappear
sometime in the future.
That rules applies at a lower level. It removes the need to have
special-case handling for the many low-level objects that should never
be web-accessible.
Almost all zope-manageable classes (and certainly Folders, that Dieter
mentioned) use the old rule. This happens because they derive from
SimpleItem.Item, which has __allow_access_to_unprotected_subobjects__.
Toby Dickenson
[EMAIL PROTECTED]
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )