Charlie Clark wrote:
> Am 22.02.2011, 11:46 Uhr, schrieb yuppie<y.2...@wcm-solutions.de>:
>> 2.) direct MemberData property access
>> Wrapped users are now MemberAdapter objects. So wrapped users no longer
>> have attributes like 'email' or 'listed'. This is a security improvement
>> because you can't bypass the API with its permission checks.
>> But 'member.email' is more convenient than 'member.getProperty('email')'
>> and used in many places. I fixed these in CMF itself, it I'm afraid that
>> change will break a lot of third party code.
>> I propose to add read-only properties that return the values in a modern
>> format (datetime instead of DateTime, unicode instead of encoded
>> Should we support a fixed schema with the default member data properties
>> or should we use a customized __getattr__ method?
> If the access is always via the adapter then I would prefer a customised
I'm still not sure how to resolve this.
MemberAdapter objects are used in untrusted code and it might be
complicated to set permissions correctly for __getattr__ access. (At
least I never tried that.)
It also would be nice to have a well defined interface for default
So I tend to a fixed schema. People still can add custom properties, but
they would have to use getProperty or override MemberAdapter.
Zope-CMF maillist - Zope-CMF@zope.org
See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests