On Wed, Feb 25, 2009 at 16:43, Martin Aspeli <[email protected]> wrote: > I think the fact that this workaround is necessary is a bug. The > <permission /> directive is supposed to be used to declare new > permissions, but it does not do that fully in Zope 2. An easy bug fix > would be to put something like this into Five: > > <subscriber > for="zope.security.interfaces.IPermission > zope.component.interfaces.IRegistered" > handler=".permissions.create_permission" > /> > > > def create_permission(permission_utility, event): > permission = permission_utilty.title > roles = () > registered = _registeredPermissions > if not registered.has_key(permission): > registered[permission] = 1 > Products.__ac_permissions__=( > Products.__ac_permissions__+((permission,(),roles),)) > mangled = pname(permission) > setattr(ApplicationDefaultPermissions, mangled, roles) > > The body of this function is copied from CMF's setSecurityInfo. > > It'd also be nice if you could set up some app-root roles using the > <grant /> directive from zope.securitypolicy, though I don't really know > how that would work yet. > > What do you think? Could we put this in as a bugfix?
+1 This has annoyed me too, the subscriber seems like a neat solution. -- Lennart Regebro: Pythonista, Barista, Notsotrista. http://regebro.wordpress.com/ +33 661 58 14 64 _______________________________________________ Zope-Dev maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
