Hi all, Unpleasant things happen when views are security wrapped. Widgets refuse to work, because they are registered as views, and get a custom secuity checker (in zope.app.component.metaconfigure.view). The default view custom checker only protects '__call__', leaves all other attributes forbidden. This makes rendering a label or errors of a widget fail. Defining security permissions for the widget class does not help as the custom checker overrides them.
The TextWidget is registered in zope/app/form/browser/configure.zcml as follows: <view type="zope.publisher.interfaces.browser.IBrowserRequest" for="zope.schema.interfaces.ITextLine" provides="zope.app.form.interfaces.IInputWidget" factory=".TextWidget" permission="zope.Public" /> Gary Poster helped me find 3 ways to overcome the security wrapped widget problem: 1. ZCML only fix: add allowed_interface="...ITextBrowserWidget" to the text widget ZCML registration, and the relevant interfaces to all other widgets (maybe just IInputWidget is enough). 2. Make the view custom permission checker merge permissions registered for the view class with the permissions allowed by the view registration. 3. Make the provided interface the default allowed interface. Fall back on allowing just __call__ for the views that only provide zope.interface.Interface. I feel that the last option is best. After all, the registration above asserts the permission the view protected with, and that it provides IInputWidget. So, making the provided interface accessible by making it the default allowed interface will eliminate surprises rather than introduce new ones. (The 'allowed_interface' attribute is named somewhat ambiguously. This is the interface that is actually protected with the permission of the view, unlike the class allow subdirective.) Any comments? Albertas _______________________________________________ Zope3-dev mailing list Zope3firstname.lastname@example.org Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com