[Grok-dev] Default permission for Views?

Philipp von Weitershausen philipp at weitershausen.de
Wed Nov 5 06:57:59 EST 2008


Jan-Wijbrand Kolman wrote:
> ps. I think it was Philipp who explained to me a while ago that
> 'zope.Public' isn't really a permission itself at all, but an
> indication to the security machinery that there's no need to secure
> this view at all. Something like that.

Indeed. 'zope.Public' isn't a permission as much as an identifier for 
the public checker. The public checker always allows attribute access, 
whereas the permission-based checkers ask the interaction (= instance of 
security policy) whether the user has a certain permission (the one that 
was configured when the checker was defined).

'zope.Public' is a somewhat misleading name therefore. Eons ago Steve 
Alexander already voted for renaming it to just 'public'. Given its 
widespread use now and the explicit checks for this identifier 
throughout security-related code, it might be too late to do this now.
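
Added example, not part of the original message and not zope.security's own code: a simplified Python model of the distinction drawn above, showing that an attribute marked public is granted without the policy ever being asked, even when the user holds no permissions. Every name in it (PUBLIC, Checker, Interaction, the 'app.Edit' permission id, the Forbidden case for undeclared attributes) is a hypothetical chosen for this model.

```python
# Simplified model of the two checker behaviours described in the message.
# All names are hypothetical; this is not zope.security's own code.
class Unauthorized(Exception):
    """The policy was asked and said no."""

class Forbidden(Exception):
    """The attribute has no declaration at all."""

PUBLIC = object()  # sentinel: an identifier for "no check", not a permission

class Interaction:
    """Stands in for the security policy instance; records every query."""
    def __init__(self, granted):
        self.granted = set(granted)
        self.queries = []

    def check_permission(self, permission, obj):
        self.queries.append(permission)
        return permission in self.granted

class Checker:
    """Maps attribute names to a permission id or to the PUBLIC sentinel."""
    def __init__(self, permissions, interaction):
        self.permissions = permissions
        self.interaction = interaction

    def check(self, obj, name):
        permission = self.permissions.get(name)
        if permission is None:
            raise Forbidden(name)
        if permission is PUBLIC:
            return  # public checker path: the policy is never consulted
        if not self.interaction.check_permission(permission, obj):
            raise Unauthorized(name, permission)

def access(checker, obj, name):
    """Classify one attribute access as allowed, unauthorized or forbidden."""
    try:
        checker.check(obj, name)
    except Unauthorized:
        return "unauthorized"
    except Forbidden:
        return "forbidden"
    return "allowed"

def demo():
    policy = Interaction(granted=[])  # constructed: the user holds no permissions
    checker = Checker({"index": PUBLIC, "edit": "app.Edit"}, policy)
    return [access(checker, object(), n) for n in ("index", "edit", "secret")], policy.queries
```

The recorded query list is the useful audit signal here: only 'app.Edit' reaches the policy, so a policy change cannot restrict anything declared public.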

