On 1/6/06, Jeff Watkins <[EMAIL PROTECTED]> wrote: > Kevin, you're absolutely correct. I've forgotten now who asked for > SecureResource, but this was specifically what was asked for. However, I'd > agree it does seem slightly counter-intuitive. > > I'd propose the following: > > * SecureResource decorates any exposed methods (as it currently does) with > the specified requirements. > * In addition, __getattr__ checks to see whether the value returned is > derived from Controller and if so, enforces the requirements specified for > this SecureResource.
If memory serves (and I'm pretty sure in this case), __getattr__ is only called for attributes that don't exist. __getattribute__ is called for all attribute access, but you need to be careful to avoid endless loops and whatnot. > Another option is to use SecureObject which protects ALL access to the > object whether exposed or not. Ahh, that may be a fair option for people who want to secure a whole tree. Kevin
