I have a problem with the standard item traverser provided by

The item traverser looks up a object using the given name and a __getitem__
call on the context. If this raises a KeyError it tries to look up a view
given the same name.

If the user does not have the permission to access __getitem__ it will let the
Unauthorized exception pass through.

I my situation I have two views for which the user doesn't really need the
permission to access __getitem__ on the container but they can't access the
views because the __getitem__ call will be tried anyway.

I can explicitly make the URL use '@@viewname' and bypass the item traverser,
but I don't like the @@s in the URL. I wonder whether adding Unauthorized to
the KeyError would be reasonable.


Christian Theune · [EMAIL PROTECTED]
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 7 · fax +49 345 1229889 1
Zope and Plone consulting and development
Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to