[Zope-dev] Puzzling change to guarded_getitem in Zope 2.8

Dieter Maurer dieter at handshake.de
Fri Aug 26 16:26:07 EDT 2005

Richard Jones wrote at 2005-8-26 10:00 +1000:
>I'm migrating our 2.7-developed Product to 2.8. The following change has me 
>puzzled. In 2.7,  AccessControl.ZopeGuards guarded_getitem has the following 
> ...
>def guarded_getitem(object, index):
>    [ snip handling of slices ]
>    ...
>    v = object[index]
>    if Containers(type(object)) and Containers(type(v)):
>        # Simple type.  Short circuit.
>        return v
>    if getSecurityManager().validate(object, object, None, v):
>        return v
>    raise Unauthorized, 'unauthorized access to element %s' % `i`
>where "index" has become "None". This would appear to imply that we can't 
>perform access controls on a per-item basis in sequences or mappings, unless 
>we do so in the actual __getitem__ method

I remember a posting from Jim (Fulton) where he pointed out
that this (access control for individual items based on their name)
is not longer supported.
I conclude that the change you see was by purpose (although I do not
see *why* Jim removed this possibility).


More information about the Zope-Dev mailing list