[Grok-dev] Default permission for Views?

Kevin Teague kevin at bud.ca
Tue Nov 4 20:04:37 EST 2008


I've got an app where I want to protect all Views be default to only
users with a specific Role. There is this snippet generated by
grokproject:

              <!-- Replace the following directive if you do not want
                   public access -->
              <grant permission="zope.View"
                     principal="zope.Anybody" />
              <grant permission="zope.app.dublincore.view"
                     principal="zope.Anybody" />

But changing the site.zcml security declarations don't seem to effect
anything. It seems like
"grokcore.security.util.check_or_default_permission" is what decides
the default permission with:

      if permission is None:
        permission = 'zope.Public'

So should this be made overridable? Or should I just sprinkle
grok.requires throughout my Views or am I missing something?


More information about the Grok-dev mailing list