Thomas Lotze wrote:
> I mentioned the zcml extra only because that's how zope.component has to
> do with the security concept already, as a motivation of why I'm letting
> go of my opposition to introducing more of that concept into
> zope.component.

I think it would be interesting to review zope.component.zcml and see 
how it depends on security, and see whether we cannot make the 
dependency optional too. After all, most of what zope.component.zcml 
does has to do with registration, not primarily security. We could have 
it bail out with an error if a security-related directive attribute was 
provided when no zope.security is available.

Perhaps all the security-related code that zope.component needs to know 
about could go into a zope.component.security module that the rest of 
zope.component can import from if needed. This would then do the 
ImportError check and install dummy functions if zope.security isn't 
available (or possibly functions that raise the aforementioned exception).



Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 https://mail.zope.org/mailman/listinfo/zope )

Reply via email to