| >| 2. Is the above behaviour pluggable at all?
| >Not at all.
| | Should it be? Can it be without impacting on performance?
I don't think so. I would expect there's only one sane way to do it.
I'm not sure I agree, I've read lots of different views on this sort of thing in these two threads, and I think several of them are valid, while remaining inconsistent with each other. To me, that means it should be pluggable...
The source of the other thread is that falling back to unauthorized smells wrong, but I can see at least one case where changing this might break existing apps.
Yeah, the one Lennart descibes...
Basically it monkeypatches RESPONSE.unauthorized() and RESPONSE._unauthorized().
Aha, as does PAS I see. Does this mean RESPONSE.unauthorized should be a responsibility of the user folder?
Simplistix - Content Management, Zope & Python Consulting
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce