Am 04.07.2008 um 07:37 schrieb Christian Theune:
On Fri, 2008-07-04 at 02:10 +0300, Marius Gedminas wrote:
On Tue, Jun 24, 2008 at 01:39:28PM +0200, Christian Theune wrote:
[...]
I can explicitly make the URL use '@@viewname' and bypass the
item traverser,
but I don't like the @@s in the URL. I wonder whether adding
Unauthorized to
the KeyError would be reasonable.
I think not. At least it should not convert Unauthorized into
NotFound.
If I can access a location (say, http://localhost/container/item)
when
I'm logged in, then if I try that as an anonymous user, I should
get an
authentication dialog rather than a 404 Not Found page.
Actually, in my case its, when logged in I can use:
http://localhost/container/view
When not logged in, I get an Unauthorized, although when accessing
http://localhost/container/@@view
I can go ahead as anonymous.
IMHO the code merging the namespaces should be more careful about
that.
IMHO the ItemTraverser should not lookup the view by itself, but
delegate to the 'view' traverser, somethind like:
def publishTraverse(self, request, name):
"""See zope.publisher.interfaces.IPublishTraverse"""
try:
return self.context[name]
except KeyError:
try:
return namespaceLookup('view', name, self.context,
request)
except TraversalError:
pass
raise NotFound(self.context, name, request)
Regards
Markus Kemmerling
_______________________________________________
Zope-Dev maillist - [email protected]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
