[Grok-dev] Re: Neanderthal sprint topics

Wichert Akkerman wichert at wiggy.net
Wed Oct 3 03:05:31 EDT 2007


Previously Tres Seaver wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Philipp von Weitershausen wrote:
> 
> > Martijn Faassen wrote:
> 
> >> On it being a push model, we push the context, request and view to the 
> >> template. :)
> > 
> > Well, yeah. But you'd be surprised how many ZPT templates you see in 
> > Zope (2) applications (such as Plone) that abuse the availability of 
> > 'context' and reach waaaaaay too much into content space. Admittedly 
> > it's a combination of having 'context', acquisition and Python 
> > expressions. But still. We should try to find a decent compromise.
> 
> I would actually avoid a compromise:  don't even *offer* context to new
> views by default, especially ones coming from "push" land:  even 'view'
> and 'request' are probably a bad idea.  Instead, make the view class
> responsible for constructing an explicit namespace for the template.
> 
> Such an approach has a number of benefits:
> 
>  - The template contains no "heaving lifting" / API-dependent logic
>    (because it can't get to the APIs at all).
> 
>  - The contract of the view class becomes explicit and testable.
> 
>  - The view renders faster, because no security checks need be done
>    *at all* in a push-model view (the class is implicitly trusted,
>    and the template only gets what the trustee gives it).

+1

Wichert.

-- 
Wichert Akkerman <wichert at wiggy.net>    It is simple to make things.
http://www.wiggy.net/                   It is hard to make things simple.


More information about the Grok-dev mailing list