[Grok-dev] grokcore.component 1.0 released!

Philipp von Weitershausen philipp at weitershausen.de
Thu May 1 09:24:20 EDT 2008


On 1 May 2008, at 14:55 , David Pratt wrote:
> Hi Phillip, this looks interesting. Can you explain how this works  
> together with z3 security. Since multiadapters are part of the mix,  
> I am assuming this means everything is without any security on the  
> views as with regular Grok. I am willing to consider trying this out  
> a small project but my stumbling block is security. Many thanks.

grokcore.component is not about views. It's just about adapters, multi- 
adapters, utilites and event subscribers. Those components typically  
have no security associated with them (except for those so-called  
"trusted" adapters which occur very rarely).

Saying that views in regular Grok are "without any security" isn't  
true anyway. Views can be protected quite easily and effectively using  
security declarations in Grok. They're just public by default to make  
development in the beginning easy. But if you use regular Zope 3 plus  
grokcore.component rather than Grok, you won't get the public-by- 
default setting anyway.



More information about the Grok-dev mailing list