[Grok-dev] Security declarations

Marc Rijken marc at rijken.org
Fri Oct 9 11:08:00 EDT 2009

I forgot to reply to the list

-------- Originele bericht --------
Onderwerp: 	Re: [Grok-dev] Security declarations
Datum: 	Fri, 09 Oct 2009 16:59:28 +0200
Van: 	Marc Rijken <marc at rijken.org>
Aan: 	Martijn Faassen <faassen at startifact.com>

Hi Martijn,

Thanx for your prompt reply. I have tried is in grok0.14. I did not get 
any errors, but it did not work. When I changed the classes in to 
strings it did work. I have moved the code to grok1.0 and it works as 
expected. I'm not sure that was the only difference.

BTW this behaviour is not document on 
which states " permission -- the name of the permission that is required"


Op 9-10-2009 16:13, Martijn Faassen schreef:
> Hey,
> Marc Rijken wrote:
>> In the security declarations we have to use the name of the permission.
>> For me it is more logical and less error sensitive when the string may
>> be replaced by the class.
>> My preferred situation is:
>> class FooPermssion(grok.Permission):
>>       grok.name('foo.permission')
>>       grok.title('Foo Permission')
>> class FooRole(grok.Role):
>>       grok.name('foo.Role')
>>       grok.title('Foo Role')
>>       grok.permissions(
>>           FooPermission,  # class instead of string
>>           )
>> class FooView(grok.View):
>>       grok.name('index.html')
>>       grok.require(FooPermission) # class instead of string
>> What do you think?
> Have you tried this? I thought we had this feature already, at least in
> grok.View. I'm not sure whether it also works for grok.Role. If not,
> that we should add this.
> Regards,
> Martijn
> _______________________________________________
> Grok-dev mailing list
> Grok-dev at zope.org
> https://mail.zope.org/mailman/listinfo/grok-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/grok-dev/attachments/20091009/0ae16cac/attachment.html 

More information about the Grok-dev mailing list