This should have been really posted on zope3-users.
On Monday 28 November 2005 00:53, Jeff Rush wrote:
> What are the two folders here, named 'default' and 'tools'? And why does
> the 'Visit default folder' link take me to the same place as clicking on
> the 'default' folder itself? One of the books say 'Tools folder let you
> manage tools.' ;-)
'Visit default folder' is just UI sugar for clicking on 'default', which is
the default site management folder.
> It's not clear whether to create my DB connector under 'default' or 'tools'
> so I guessed and picked 'default'.
It does not matter. You could create a third site management folder having
your own custom name and place the utility (DB adapter) in there.
> A key part I'm confused about is that when creating the connector, I gave
> it a name like 'dbfinance', but later I need to register it, giving it
> another name. Why two names, and when is the first name ever used? The
> second name (registration name) is what appears in the drop-down 'Known
> Connectors' vocabulary. I guess I don't understand utility registration.
> I'm used to the Zope 2 approach of dropping DB connectors in the
> acquisition path.
Originally we wanted to make naming and object and registering it using a name
two separate concepts. I think this is still useful, but not that gentle for
new comers. I agree with you that the registration form should at least
suggest the name of the utility to be the registered name.
> After registration, I can use the connector, but I'm puzzled re access
> permissions. If my connector permissions is 'zope.public', for general SQL
> access throughout the site architecture, does that mean there is a way for
> anonymous website visitors to invoke arbitrary SQL operations?
yes and no. Theoretically, everyone could access an arbitrary SQL expression.
However, since the utility is stored inside a site management folder, the
person would probably have not enough permissions to get there.
> Does Zope 3
> support the Zope 2 idea of priviledged proxies, where an intermediate has
> more privilege than the user visiting the site?
I do not know this Zope 2 feature, so I cannot comment.
> One of very useful features of Zope 2 was balloon text that popped up when
> you hovered over component icons within the ZMI, which told you the type of
> component. Adding that would help disambiguate the various types of
> folders, most of which have the same icon.
Feel free to add the feature.
> Also interesting, reported as bug #494, is that you can't ever remove
> registered utilities via the ZMI, even when they are deactivated. You get
> a msg about needing to deactivate them first. ;-)
Eek, I am surprised it had not been promoted to urgent. We will fix that for
the next release.
Regards,
Stephan
--
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com