[Zope-Coders] Re: [Zope-dev] Speaking of 2.6...

[Mario Valente]

At 15:12 10-04-2002 +0100, Toby Dickenson wrote:
>User X is designated as a manager of folder /Xfolder. In todays Zope
>/Xfolder is a secure environment.... He has no authority over objects
>outside that folder, thanks to aq_inContextOf
>
>Can he create links to objects outside that folder?
>

  No, he cant. To create a link (my hack...)  you first need to
 obtain the object reference (moniker) with a Copy operation
 so that you can then do a "Paste Ref." operation.


>Links would be pretty useless if not. 
>

  No they wouldnt.


>A common use case would be to
>create a link /XFolder/banner.gif to /stock_images/banners/mono.gif
>(for example).
>
>However if that is allowed, he now has management rights over that
>image object.
>
>I dont see how 'hard links' can possibly avoid this problem.
>

  Right. 

  But they would be useful to put an image in /Xfolder/images/
 and then be able to paste links to it into /Xfolder/layout1/ and
 /Xfolder/layout2/ and /Xfolder/Development without the need
 to create multiples instances of the same image or without
 coding multiple requests for that object.


  C U!

  -- MV