Please keep the mailing list in the loop, others may have insights too.
On 23. mar. 2007, at 15.37, Garito wrote:
> If you read the link I put, you could read I can create (with
> CrearFuncionalidad) but not delete it (with BorrarFuncionalidad)
that seems
> to have the same security necessities
Return a callable from your traverser (so return the __call__, don't
call it yourself). The publisher will call it for you after the user
has been authenticated.
As Dieter said __bobo_traverse__ can't return strings or ints for
that I create (as he tall me, thanks again) a wrapper that returns
the rendered code
Fine, that's what I ment. But your wrapper should implement a
__call__ method. The publisher will call that method at a time where
security *has* been set up.
Do make sure that you wrap your wrapper in the correct security
context though:
class Wrapper(Acquisition.Implicit):
def __call__(self):
# Things that need a security context need to be done here.
return getSecurityManager().getAuthenticatedUser().getId()
class SomeItem(SimpleItem):
def __bobo_traverse__(self, REQUEST, name):
if name == 'Wrapper':
return Wrapper().__of__(self)
else:
return getattr(self, name)
This way the security policies can still look up the security context.
--
Martijn Pieters
_______________________________________________
Zope maillist - [email protected]
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
