> > Assertions made on a method in a subclass override the 
> assertions made
> > in the base class.
> Okay, Posting has the following list of methods for the 'view'
> permission:
> ['date_posted','body_len','date_created','time_created','attac
> hment','thread_path','index_html','showBody',
> 'desc_items','dupString','striptags','tpId','tpURL','this','ha
> s_items','thread','title','author','body',
>                   'email','subject']
> Now, what I want to do is add the following methods to this 
> list for the
> Article class which subclasses Posting:
> ['prev_item','next_item','showSummary','desc_items']
> How do I do that?

class Article(Posting):

  __ac_permissions__ = (
        ('Anonymous', 'Manager')),

It may be helpful to think of it this way:

  - the class that defines an attribute/method is responsible 
    for protecting it (declaring it in a permission or with 
    other security assertions)

  - a class doesn't have to worry about assertions made by 
    its base classes (the base classes will have worried 
    about the attrs they defined)

  - any class that defines security info must be initialized 
    with default__class_init__ for the right thing to happen.

Note that the only time you really have to care about what 
your base classes did is if you need to redefine the 
permission used cover an inherited attribute. For ex:

class Posting:
  # doAction_A is under view permission
  __ac_permissions__ = (
      ('View', ('doAction_A',), ('Anonymous', 'Manager')),

  def doAction_A(self):

class Article(Posting):

  # For Articles, I want doAction_A to be under the 'Spam'
  # permission. 
  __ac_permissions__ = (
      ('View', ('doAction_B',), ('Anonymous', 'Manager')),
      ('Spam', ('doAction_A',), ('Anonymous', 'Manager')),

Hope this helps!

Brian Lloyd        [EMAIL PROTECTED]
Software Engineer  540.371.6909              
Digital Creations  http://www.digicool.com 

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to