[Zope-dev] Puzzling change to guarded_getitem in Zope 2.8
dieter at handshake.de
Fri Aug 26 16:26:07 EDT 2005
Richard Jones wrote at 2005-8-26 10:00 +1000:
>I'm migrating our 2.7-developed Product to 2.8. The following change has me
>puzzled. In 2.7, AccessControl.ZopeGuards guarded_getitem has the following
>def guarded_getitem(object, index):
>    [ snip handling of slices ]
>    v = object[index]
>    if Containers(type(object)) and Containers(type(v)):
>        # Simple type. Short circuit.
>        return v
>    if getSecurityManager().validate(object, object, None, v):
>        return v
>    raise Unauthorized, 'unauthorized access to element %s' % `i`
>where "index" has become "None". This would appear to imply that we can't
>perform access controls on a per-item basis in sequences or mappings, unless
>we do so in the actual __getitem__ method
I remember a posting from Jim (Fulton) where he pointed out
that this (access control for individual items based on their name)
is no longer supported.
I conclude that the change you see was on purpose (although I do not
see *why* Jim removed this possibility).
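
Added example (not part of the original message and not Zope's code): a self-contained Python sketch of the point discussed in this thread. A name-based check loses its per-item information once None is passed as the name, so the container has to perform the check in its own __getitem__. NamePolicy, PerItemMapping, the pass_name flag and the sample data are assumptions made up for this illustration.

```python
# Stand-ins for illustration only; this is not Zope's AccessControl code.
class Unauthorized(Exception):
    pass

class NamePolicy:
    """Toy security manager that denies access by item name."""
    def __init__(self, denied_names):
        self.denied_names = set(denied_names)

    def validate(self, accessed, container, name, value):
        # Same argument order as validate(object, object, name, v) in the post.
        # A name of None carries no per-item information, so it always passes.
        return name not in self.denied_names

def guarded_getitem(policy, obj, index, pass_name):
    """pass_name=True models passing the index, False models passing None.
    The slice handling and simple-container short circuit are omitted."""
    v = obj[index]
    if policy.validate(obj, obj, index if pass_name else None, v):
        return v
    raise Unauthorized('unauthorized access to element %r' % (index,))

class PerItemMapping:
    """Mapping that enforces the per-key check inside __getitem__ itself."""
    def __init__(self, data, policy):
        self._data = dict(data)
        self._policy = policy

    def __getitem__(self, key):
        value = self._data[key]
        if not self._policy.validate(self, self, key, value):
            raise Unauthorized('unauthorized access to element %r' % (key,))
        return value

def is_denied(fn):
    """Return True if calling fn raises Unauthorized."""
    try:
        fn()
    except Unauthorized:
        return True
    return False

policy = NamePolicy(denied_names={'salary'})
records = {'name': 'constructed sample', 'salary': 1000}  # constructed data
protected = PerItemMapping(records, policy)
```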