On Jun 21, 2009, at 5:36 AM, Christian Theune wrote:
> On Sat, 2009-06-20 at 13:04 -0600, Shane Hathaway wrote:
>> Jim Fulton wrote:
>>> Why? traverseName is part of zope.app.publication's implementation.
>>> Now it's oddly split off in a very separate package.
>> The publisher traversal code is very similar to the code in
>> zope.traversing, so I thought the best thing to do is put it in the
>> package as zope.traversing, so that traversal would be maintained
>> in one
> I think there's a valid goal around here. Publisher traversal and
> traversal as used in templates have two different implementations that
> partly overlap at some points and its hard to explain why there are
> of them.
> I'm not sure whether we can get a single unified implementation, but
> me that would be nice.
I don't agree. The semantics are different. For example, you often
want to traverse to things in a template that you don't want to expose
via URL. We currently (or last time I checked) expose ++resource+
+name in URLs and this is a bug.
The only place this traversal code is used outside of publication is
by the browser menu code that tries to traverse to a menu item to see
if it is accessible to the user. This was to avoid having to put
security declarations on menu items (a worthy goal) but we've found
that this entailed far too much expense and complexity. I'm not sure
anyone is even using this menu code any more and if they are, I bet
they are or should be making explicit security declarations.
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -