-----BEGIN PGP SIGNED MESSAGE-----
Damien Baty (ML) wrote:
> Le 27/12/07 9:49, Wichert Akkerman a écrit :
>> Previously Damien Baty (ML) wrote:
>>> For the record, I have proposed a patch that let us automatically
>>> register a permission if the profile explicitly asks for it, with
>>> something like:
>>> <permission name="My new permission"
>>> <role name="Manager"/>
>> I think it's the wrong place to register permissions. Permissions are
>> something both code and application configuration (ie zcml) relies
>> on. That suggests that registering permissions in a GS profile is too
>> late in the game.
>> To me it makes a lot more sense to register permissions and their
>> default roles in zcml.
> Good point. But... how do you do that, then? :) There is a 'grant'
> directive in Zope 3 defined in 'zope.app.securitypolicy', but this
> package is not part of Zope 2.10 (nor Zope 2.11). Is there something
> else I can use in Zope 2 to define permission/roles mappings?
The application is responsible for defining permissions and using them
to protect objects / methods. Five enables using the stock
zope.security stuff to define permissions in ZCML, and to associate them
with interfaces / attributes. See:
GenericSetup is responsible for capturing the "placeful" mapping of
permissions to roles (as set on the ZMI "security" tab).
Tres Seaver +1 540-429-0999 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope-CMF maillist - Zope-CMF@lists.zope.org
See http://collector.zope.org/CMF for bug reports and feature requests