Would someone like to explain how to use a list in a schema object without getting ForbiddenAttribute? This is my use case.
class IChat(Interface): messages = Attribute('Chat messages') class Chat(Persistent): def __init__(self): self.messages = persistent.list.PersistentList() <class class=".chat.Chat"> <require permission="zope.View" interface=".interfaces.IChat" /> <require permission="zope.View" set_schema=".interfaces.IChat" /> </class> I have a Chat class that implements IChat and that is declared in configure.zcml. Both the chat object and the 'messages' attribute are proxied automatically, right? The <require /> tags in configure.zcml adds security declarations to the chat object, but not to the 'messages' attribute. Am I correct this far? When I call self.context.messages.append(...) (in a browser page for IChat) I get ForbiddenAttribute on append. I should get this, so this is ok. But list or PersistentList has no interface I can use in IChat instead of Attribute. So I tried using zope.schema.List instead, but the interface of that was a small subset of what list provides and doesn't have append either. So I don't know how to add these security declarations to the 'messages' attribute. How can I use a list without getting security proxy problems? Do I have to make my own list implementation and interface? Tim _______________________________________________ Zope3-users mailing list Zope3email@example.com http://mail.zope.org/mailman/listinfo/zope3-users