Would someone like to explain how to use a list in a schema object
without getting ForbiddenAttribute? This is my use case.
messages = Attribute('Chat messages')
self.messages = persistent.list.PersistentList()
<require permission="zope.View" interface=".interfaces.IChat" />
<require permission="zope.View" set_schema=".interfaces.IChat" />
I have a Chat class that implements IChat and that is declared in
configure.zcml. Both the chat object and the 'messages' attribute are
proxied automatically, right? The <require /> tags in configure.zcml
adds security declarations to the chat object, but not to the 'messages'
attribute. Am I correct this far?
When I call self.context.messages.append(...) (in a browser page for
IChat) I get ForbiddenAttribute on append. I should get this, so this
is ok. But list or PersistentList has no interface I can use in IChat
instead of Attribute. So I tried using zope.schema.List instead, but
the interface of that was a small subset of what list provides and
doesn't have append either. So I don't know how to add these security
declarations to the 'messages' attribute.
How can I use a list without getting security proxy problems? Do I have
to make my own list implementation and interface?
Zope3-users mailing list