A suggestion: Tell users *not* to use Validators for determining the "Subject" of the controller. Without that guidance they're going to hit this problem if they follow best practices (i.e. rigorous use of validators for data conversion and error handler decoration).
Counsel the use of "traversal based" lookup of Subject-objects. That is, counsel users to use controllers like this: /admin/consultants/henry/update?password=hello rather than: /admin/consultants/update?login=henry&password=hello Have a link to the technical discussion of why it's broken/unusable so people can know *why* not to do it, but make sure they know up front that it's not going to work. That counsel should be in your Validator documentation at the minimum, and possibly in your Error Handling documentation as well. I've stripped out the use of Validators for subject determination and am now manually validating each parameter in each controller method in a series of calls at the start of the controller... maybe I'll write a decorator method to do that eventually ;) . --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
