Previously Tres Seaver wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Damien Baty (ML) wrote: > > Hello, > > > > Le 27/12/07 9:49, Wichert Akkerman a écrit : > >> Previously Damien Baty (ML) wrote: > >>> [...] > >>> > >>> For the record, I have proposed a patch that let us automatically > >>> register a permission if the profile explicitly asks for it, with > >>> something like: > >>> > >>> ... > >>> <permission name="My new permission" > >>> register="True"> > >>> <role name="Manager"/> > >>> ... > >>> > >>> https://bugs.launchpad.net/zope-cmf/+bug/178810 > >> -1 > >> > >> I think it's the wrong place to register permissions. Permissions are > >> something both code and application configuration (ie zcml) relies > >> on. That suggests that registering permissions in a GS profile is too > >> late in the game. > >> > >> To me it makes a lot more sense to register permissions and their > >> default roles in zcml. > > > > Good point. But... how do you do that, then? :) There is a 'grant' > > directive in Zope 3 defined in 'zope.app.securitypolicy', but this > > package is not part of Zope 2.10 (nor Zope 2.11). Is there something > > else I can use in Zope 2 to define permission/roles mappings? > > The application is responsible for defining permissions and using them > to protect objects / methods. Five enables using the stock > zope.security stuff to define permissions in ZCML, and to associate them > with interfaces / attributes. See: > > - $ZOPE_HOME/lib/python/Products/Five/permissions.zcml > > - $ZOPE_HOME/lib/python/zope/security/meta.zcml > > - $ZOPE_HOME/lib/python/zope/app/security/meta.zcml > > GenericSetup is responsible for capturing the "placeful" mapping of > permissions to roles (as set on the ZMI "security" tab).
As far as I know that only maps existing Z2 permissions to Z3 permissions. It does not allow you to register new Z2 permissions. Wichert. -- Wichert Akkerman <[EMAIL PROTECTED]> It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. _______________________________________________ Zope-CMF maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
