...Jim Fulton wrote:
Here are 2 other alternatives to consider:
1. Add a "locate" option to the adapter directive, which defaults to false. If true (locate="1"), then a location proxy is always added to the adapter.
Yup. -1 That's might be *to much explicitness* for dev
I really don't think so.
> 1 and complecates the
adapter directive too.
Actually, I think it simplifies it a little. It separates trusted-ness from location-ness.
2. Option 1 but default to true if a non-public permission is specified.
These alternatives are explicit and hande the case where permissions are declared in a separate directive.
In both sugestions the problem is not solved, that the public permission declaration within the adapter directive cannot be adapted to all trusted adapters, because the 'valid' security-declartations might be registered within an addional <class...
I think you are mistaken. If you declare permissions in a class directive, you'd use a locate attribute in the adapter directive, as in:
<adapter factory=".myFactory" trusted="1" locate="1" /> <class class=".myFactory"> <require permission="X" interface="IX" /> ... </class>
In this case you'd get the location even though the adapter directive doesn't specify a permission.
-- Jim Fulton mailto:[EMAIL PROTECTED] Python Powered! CTO (540) 361-1714 http://www.python.org Zope Corporation http://www.zope.com http://www.zope.org _______________________________________________ Zope3-dev mailing list Zope3email@example.com Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com