[Grok-dev] Security declarations

Martijn Faassen faassen at startifact.com
Fri Oct 9 10:13:13 EDT 2009


Hey,

Marc Rijken wrote:
> In the security declarations we have to use the name of the permission. 
> For me it is more logical and less error sensitive when the string may 
> be replaced by the class.

> 
> My preferred situation is:
> 
> class FooPermssion(grok.Permission):
>      grok.name('foo.permission')
>      grok.title('Foo Permission')
> 
> class FooRole(grok.Role):
>      grok.name('foo.Role')
>      grok.title('Foo Role')
>      grok.permissions(
>          FooPermission,  # class instead of string
>          )
> 
> class FooView(grok.View):
>      grok.name('index.html')
>      grok.require(FooPermission) # class instead of string
> 
> What do you think?

Have you tried this? I thought we had this feature already, at least in 
grok.View. I'm not sure whether it also works for grok.Role. If not, 
that we should add this.

Regards,

Martijn



More information about the Grok-dev mailing list