I had some conversation with Tres about the SecurityPolicy
implementation. I would like to clean up following problem:
The method "validate" is not very clear about when it will raise an
exception and when it will return a boolean.
This results in code that expects it to return a boolean, and makes
conclusions about exceptions that are wrong by catching the anonymously,
transforming them all (e.g. AttributeError) into Unauthorized. This
shadows the real source of a problem, also the code that calls validate
probably shouldn't raise Unauthorized on it's own.
But there's where my problem starts: could we get it somewhat clear who
should raise Unauthorized, what can be expected from validate and where
should only boolean values be returned?
I would like to see some discussion, wrap it up in a proposal, and
deliver the code on a branch.
Thanks for listening,
Christian Theune, gocept gmbh & co.kg
phone: +49-3641-233526 mobile: +49-179-7808366
mail: [EMAIL PROTECTED]
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -