Richard Jones wrote at 2005-8-26 10:00 +1000:
>I'm migrating our 2.7-developed Product to 2.8. The following change has me
>puzzled. In 2.7, AccessControl.ZopeGuards guarded_getitem has the following
>def guarded_getitem(object, index):
> [ snip handling of slices ]
> v = object[index]
> if Containers(type(object)) and Containers(type(v)):
> # Simple type. Short circuit.
> return v
> if getSecurityManager().validate(object, object, None, v):
> return v
> raise Unauthorized, 'unauthorized access to element %s' % `i`
>where "index" has become "None". This would appear to imply that we can't
>perform access controls on a per-item basis in sequences or mappings, unless
>we do so in the actual __getitem__ method
I remember a posting from Jim (Fulton) where he pointed out
that this (access control for individual items based on their name)
is not longer supported.
I conclude that the change you see was by purpose (although I do not
see *why* Jim removed this possibility).
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -