Jim mentioned to me a while ago that he was planning to have security settings for classes inherit. I was against it, because I thought that like_class answered the use case sufficiently, explicitly, and not overly annoyingly.

However, in order to get pytz timezones--a large set of automatically generated classes that potentially change every quarter--to do what we want without that, I only see monkeypatches. :-/ So I'm +1 on inherited security I guess.

It would theoretically let me do something like this zcml

<content class="datetime.tzinfo">
<require permission="zope.Public" interface="zope.interface.common.idatetime.ITZInfo" />
<content class="pytz.tzinfo.BaseTzInfo">
  <require permission="zope.Public" attributes="zone" />
<content class="pytz.UTC">
  <require permission="zope.Public" attributes="zone" />

instead of this monkey patch (recorded for posterity, in case anyone needs this now...or has a better suggestion)

# XXX argh.
import pytz.tzinfo
from zope.security.checker import NamesChecker
from zope.interface.common.idatetime import ITZInfo
names = set(ITZInfo.names(all=True))
checker = NamesChecker(names)
pytz.UTC.__Security_checker__ = checker
pytz.tzinfo.BaseTzInfo.__Security_checker__ = checker
# end argh.

Zope3-dev mailing list
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to