[Zope-CMF] Re: More skins (was Re: [Zope-dev] Re: Problems with Transparent Folder and Zope 2.3.3)
Mon, 25 Jun 2001 10:37:47 -0400
On Monday 25 June 2001 10:31, Chris Withers wrote:
> Shane Hathaway wrote:
> > On Monday 25 June 2001 04:47, Chris Withers wrote:
> > > Shane Hathaway wrote:
> > > > Again, it doesn't allow layers from outside the portal_skins tool
> > > > because of security considerations, not performance
> > > > considerations.
> > >
> > > Erm... I know I'm being dense, but coudl you explain these again?
> > That's alright.
> Hehe... you must be getting used to it by now ;-)
> > BTW skins can't be chosen after authentication in the general sense
> > so don't ask. :-)
> Ah, that's what I was after ;-) OK, because I can't ask whether skins
> could be chosen after authentication, can I instead ask why they can't?
> Only asking 'cos I'm interested and it feels like a good way to improve
> my Zope knowledge...
Okay. The problem is that there are so few things we can hook. There's
__of__, which we hook now. There are also BeforeTraverse hooks. There's
__getattr__, but that gets invoked without an acquisition wrapper. I
suppose __getattr__ could actually grab the security context and sneakily
find the REQUEST that way... then it could be cookieless too. I hadn't
thought of that before. I suppose one could create an alternate skins
tool based on that. Nobody's done that before, though.