Now I'm trying to make a blog-like component. I've made a container and then I
want id's of the container items (actually just a ISO-formatted date strings)
will be sorted in reverse order. I guess the simplest solution is a unicode
subclass like this returned by the chooseName() method:
class ReverseOrderedName(unicode):
"""Reverse ordered name.
>>> m1 = ReverseOrderedName("A")
>>> m2 = ReverseOrderedName("B")
>>> m1 > m2
True
>>> m1 < m2
False
"""
def __cmp__(self, other):
return cmp(unicode(other), unicode(self))
Then I've made some security declarations and all working just fine but items
names displayed like '<security proxied ... instance at ...>'.
Is this reasonable/safe to apply attached patch or maybe I can reimplement my
container in some other way?
--
Dmitry Vasiliev (dima at hlabs.spb.ru)
http://hlabs.spb.ru
Index: src/zope/app/pagetemplate/talesapi.py
===================================================================
--- src/zope/app/pagetemplate/talesapi.py (revision 30505)
+++ src/zope/app/pagetemplate/talesapi.py (working copy)
@@ -24,6 +24,7 @@
from zope.app import zapi
from zope.interface import implements
from zope.security.interfaces import Unauthorized
+from zope.security.proxy import removeSecurityProxy
from zope.tales.interfaces import ITALESFunctionNamespace
@@ -70,9 +71,10 @@
def title_or_name(self):
try:
- return getattr(self, 'title', '') or zapi.name(self.context)
+ title = getattr(self, 'title', '') or zapi.name(self.context)
except Unauthorized:
- return zapi.name(self.context)
+ title = zapi.name(self.context)
+ return removeSecurityProxy(title)
def size(self):
a = ISized(self.context, None)
Index: src/zope/app/container/browser/contents.py
===================================================================
--- src/zope/app/container/browser/contents.py (revision 30505)
+++ src/zope/app/container/browser/contents.py (working copy)
@@ -22,6 +22,7 @@
from zope.app.traversing.interfaces import TraversalError
from zope.security.interfaces import Unauthorized
from zope.security import checkPermission
+from zope.security.proxy import removeSecurityProxy
from zope.app import zapi
from zope.app.size.interfaces import ISized
@@ -148,7 +149,7 @@
id, obj = item
info = {}
- info['id'] = info['cb_id'] = id
+ info['id'] = info['cb_id'] = removeSecurityProxy(id)
info['object'] = obj
info['url'] = urllib.quote(id.encode('utf-8'))
Index: src/zope/app/traversing/browser/absoluteurl.py
===================================================================
--- src/zope/app/traversing/browser/absoluteurl.py (revision 30505)
+++ src/zope/app/traversing/browser/absoluteurl.py (working copy)
@@ -19,6 +19,7 @@
from zope.interface import implements
from zope.proxy import sameProxiedObjects
from zope.publisher.browser import IBrowserRequest
+from zope.security.proxy import removeSecurityProxy
import zope.component
from zope.app.i18n import ZopeMessageIDFactory as _
@@ -91,7 +92,7 @@
raise TypeError, _insufficientContext
if name:
- base += ({'name': name,
+ base += ({'name': removeSecurityProxy(name),
'url': ("%s/%s" % (base[-1]['url'],
urllib.quote(name.encode('utf-8'),
_safe)))
@@ -132,7 +133,7 @@
name = getattr(context, '__name__', None)
if name:
- base += ({'name': name,
+ base += ({'name': removeSecurityProxy(name),
'url': ("%s/%s" % (base[-1]['url'],
urllib.quote(name.encode('utf-8'),
_safe)))
_______________________________________________
Zope3-dev mailing list
[email protected]
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com
