Hi Charlie!

yuppie wrote:
> Charlie Clark wrote:
>> Am 02.12.2009, 20:51 Uhr, schrieb yuppie 
>> <y.2009-E2EsyBC0hj3+aS/vkh9...@public.gmane.org>:
>>> Using the class directive instead is just a workaround for a generic
>>> problem that needs a generic solution, not a new addView directive.
>> I have to agree with you on that. But the current solution remains clunky.  
>> Having initially been against it I think it would be easier on the eye to  
>> have the security declaration (I'm assuming this would work for subclasses  
>> where it can be overwritten if needs be) in ContentAddFormBase until the  
>> permissions directive is supported. It was only from working with the new  
>> add form that I realised how little needs to be done to work with this.
> 
> +1
> 
> Actually it would make sense to get the permission checks in sync with 
> the _checkAllowed method used by add actions. And _checkAllowed has a 
> hardcoded check for AddPortalContent.
> 
> So it is indeed superfluous to configure the AddPortalContent permission 
> for each add view in ZCML. And the __call__ method of ContentAddFormBase 
> seems to be a good place for checking the AddPortalContent permission 
> *and* the isConstructionAllowed method.

This change is now checked in: http://svn.zope.org/?rev=106203&view=rev


Cheers,

        Yuppie

_______________________________________________
Zope-CMF maillist  -  Zope-CMF@zope.org
https://mail.zope.org/mailman/listinfo/zope-cmf

See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests

Reply via email to