Dario Lopez-Kästen wrote:
Florent Guillaume wrote:
Paul Winkler wrote:
On Fri, Dec 02, 2005 at 04:12:01PM +0100, Jean-Marc Orliaguet wrote:
does zope2 do an access control based on acquisition for public
methods, that would be a waste of resources since the answer is
always "yes, granted" ?
Well, the thing is, the declaration that makes the method public
*has no effect* unless your class participates in acquisition.
That's not true. The objects of this class will be perfectly
accessible to a restricted user:
from AccessControl import ClassSecurityInfo
security = ClassSecurityInfo()
In Zope 2.7.8 I get a segmentation fault when I try to do the above; I
also have the following code that manages this for any class (to avoid
having to do that for every single class):
a_class.security = ClassSecurityInfo()
a_class.security.declareObjectPublic() # Segmentation fault
I cannot swithc to Zope 2.8 because my code runs in PLone 2.05 and it
does not work with Zope 2.8.
The segmentation fault occurs in the declareObjectPublic() statement.
Is there a fix for the Zope 2.7 to this problem?
that's because it does not seem to work with new-style python classes in
it works with:
This is what you would have got:
File "/opt/Zope-2.7/lib/python/AccessControl/SecurityInfo.py", line
165, in apply
dict['%s__roles__' % name] = access
TypeError: object does not support item assignment
if you'd run it without the extra call.
now, the question is if it's worth the extra effort.
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -