On Fri, Dec 02, 2005 at 09:49:25AM -0500, Paul Winkler wrote:
> 2) in the wrapper class, use ClassSecurityInfo() to 
> declare the methods you need public or permission-protected,
> or use allowAny().

Brain fart, sorry. There is no allowAny in ClassSecurityInfo
or elsewhere.
The quick-and-easy thing to do, if you don't want to create
wrapper or derived class, somewhere in some Product code,
do stuff like the following:

from AccessControl import allow_class, allow_module, ModuleSecurityInfo

# Allow scripts to *instantiate* a class.
# Skip this if your scripts don't need to instantiate the objects.
# Note that you can't call methods on it yet, keep reading...


# Allow unrestricted access to all *existing* instances
# of a class. Now you can call its methods.
# Note this *doesn't* automatically allow you to use
# other objects returned by any of its methods, so 
# you may need to explicitly allow a bunch of other classes too...


# Allow scripts to import and use a function defined in
# some product. This works just like allowing to instantiate classes.


# Works for standard library or other modules on $PYTHONPATH too.


# Allow unrestricted imports and usage of an *entire* module:
# ... well, mostly. Sometimes that doesn't work and you need
# to sprinkle in a few more declarations, e.g. for types
# defined in C.
# See for example
# lib/python/Products/PythonScripts/module_access_examples.py
# showing complications for e.g. the "re" module.


Paul Winkler
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to