On Sat, Dec 31, 2011 at 20:09, Martin Aspeli <optilude+li...@gmail.com> wrote:
> Hi folks,
>
> I have documented some of the darker corners of Zope's internals. I
> put it in the Plone developer documentation for lack of a better
> place, but it's not Plone-specific:
>
> http://collective-docs.readthedocs.org/en/latest/zope_secrets/index.html
>
> Topics covered include startup, publication, traversal and security.
>
> One reason to do this, apart from morbid fascination, is to provide a
> baseline against which we can consider simplifying some of this stuff.
>
> For example, I'd like to consider an (opt-in) simplification of the
> publisher and traversal, probably based on a stripped-down and
> modernised repoze.zope2, which does away with some hooks and edge
> cases, but is much simpler and easier to understand. Some things we
> could consider chopping are:
>
>  - Attribute traversal to anything other than methods at the end of
> the traversal chain (i.e. use __getitem__ traversal only)
>  - Traversal to anything without explicit security declarations
>  - The docstring security check
>  - Maybe __bobo_traverse__ (i.e. just implement __getitem__) and
> __before_publishing_traverse__ (use a BeforeTraverseEvent instead, and
> notify this for all traversals, not just over local component sites)
>  - All differences between publication and path traversal
>
> This is still somewhat half-baked and obviously would break things and
> require at least a new major version of Zope, but I think it's worth
> exploring at least.

+1 for all of those, as a part of the so called "Zope 4" path of developments.
_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
https://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope )

Reply via email to