Dieter Maurer wrote:
Jim Fulton wrote at 2003-11-22 12:14 -0500:
> ...
> Also note that I had to get rid of the validateValue call. It's important
> that we always pass the name and container to code that needs to get roles.
We need "name" and "container" only for objects that do not have
their
Jim Fulton wrote at 2003-11-22 12:14 -0500:
> ...
> Also note that I had to get rid of the validateValue call. It's important
> that we always pass the name and container to code that needs to get roles.
We need "name" and "container" only for objects that do not have
their own "__roles__" att
Dieter Maurer wrote:
Dieter Maurer wrote
> ... protecting simple type attributes by roles ...
> > Patch attached.
I have a small optimization:
if (
# start with inexpensive checks
roles is not _noroles
or name is None
Dieter Maurer wrote
> ... protecting simple type attributes by roles ...
> > Patch attached.
I have a small optimization:
if (
# start with inexpensive checks
roles is not _noroles
or name is None
or value is None
Dieter Maurer wrote:
Jim Fulton wrote at 2003-11-13 15:22 -0500:
> ...
>We need to refactor the way security assertions (permission
>settings) are stored and accessed. We need to store required
>permissions (__permissions__) on objects. When we need to figure
>out roles, we ne
Dieter Maurer wrote at 2003-11-14 20:43 +0100:
> Jim Fulton wrote at 2003-11-13 15:22 -0500:
> > ... new security policy for NSEC ...
> Folklore says that Zope cannot protect attributes of simple types
> (because they do not provide the method magic that will be lost
> for NSEC).
> ...
> O
Jim Fulton wrote at 2003-11-13 15:22 -0500:
> ...
>We need to refactor the way security assertions (permission
>settings) are stored and accessed. We need to store required
>permissions (__permissions__) on objects. When we need to figure
>out roles, we need to compute them at
On Thu, Nov 13, 2003 at 04:35:52PM -0500, Jim Fulton wrote:
| The expectation is that existing Zope 2 products will work with 2.8.
| The security APIs will be unchanged.
Great.
| > In case that was the case, would porting the zcml machinery
| >and the security policy from zope3 completely out of
| Gory details
|
| I estimate that the necessary refactoring would take me 3-5
| days. The vast majority of the required time will be spent writing
| tests. I really need to focus on Zope 3 for a while, so I may not
| be able to get back to this soon. I think that this is an area
| where some
Sidnei da Silva wrote:
| Gory details
|
| I estimate that the necessary refactoring would take me 3-5
| days. The vast majority of the required time will be spent writing
| tests. I really need to focus on Zope 3 for a while, so I may not
| be able to get back to this soon. I think that this i
10 matches
Mail list logo
