[Grok-dev] grokcore.component and trusted adapters

Martin Aspeli optilude+lists at gmail.com
Fri Aug 7 11:12:29 EDT 2009


Christian Zagrodnick wrote:
> On 2009-08-06 17:19:07 +0200, Martin Aspeli <optilude+lists at gmail.com> said:
> 
>> Christian Zagrodnick wrote:
>>
>>> constantly I require trusted adapters.
>> Just curious, but what do you actually need them for?
> 
> As Martijn already deducted, it's for using grokcore in zope 3 with 
> model level security. And then you sometimes want to declare how access 
> to the adapter is handled, for instance when using it in a form. The 
> case I currently have is that I have an lxml tree on one object and use 
> adapters to modify various parts of the tree. And since a tree 
> basically consists of only one class you cannot do any meaningful 
> security assertion there.
> 
> Hope that helps.

It does. I must say I'm dubious about the usefulness of model-based 
security (as opposed to view-based security) in practice, and wary of 
proxies in general (but then I may have just been bitten too many times 
by acquisition).

Cheers,
Martin

-- 
Author of `Professional Plone Development`, a book for developers who
want to work with Plone. See http://martinaspeli.net/plone-book



More information about the Grok-dev mailing list