El lun, 28-08-2006 a las 20:49 +0200, Philipp von Weitershausen escribió: > Lorenzo Gil Sanchez wrote: > >> Right. Because you're not supposed to poke at __data. The two > >> underscores should scare you off! > >> > >> By the way, this is a rule of thumb: > >> > >> Whenever you get ForbiddenAttribute errors, you're doing something > >> wrong. Either: > >> > >> 1. you're missing security declarations > >> > >> 2. you're accessing something that purposely has no security > >> declarations because you're not supposed to access it. > >> > >> Most of the times when newbies hit ForbiddenAttribute, it's #1. In your > >> case it's #2. > >> > >> If you would take advantage of interfaces and look at IContainer, you > >> would see that contianers are like mappings (=dictionaries). Therefore, > >> in order to add something in the container, you need to be able to > >> access the __setitem__ method. Check for that and you'll be all set. > >> > > Sorry, my fault: I forgot to mention that I *did try* > > zope.security.canWrite(obj, '__setitem__') before and it always returns > > False, no matter if I try with the right user. > > Why canWrite? You're not trying to *set* __setitem__! You should be > checking for canAccess(container, '__setitem__'). People who want to add > stuff to a container want to *call* container.__setitem__(...). I > suggest you read up on the Python mapping API. >
Oh! that was a stupid error indeed :( Using canAccess now just does the opposite: it always returns True. I guess that's because when I register my container in the ZCML file I'm using zope.Public for the whole interface. I should split my interface in two interfaces, one for read-only attributes and one for write attributes, like the IContainer does. So instead of inheriting my INewsFolder interface from IContainer I inherit from IReadContainer and I explicit say in the configure.zcml that it also implements IWriteContainer. That way I can specify different permission for read and write attributes. Thanks a lot for your answers Philipp Lorenzo _______________________________________________ Zope3-users mailing list [email protected] http://mail.zope.org/mailman/listinfo/zope3-users
