[Zope] Obscure security?

Dieter Maurer dieter@handshake.de
Thu, 22 Nov 2001 19:59:22 +0100


Ragnar Beer writes:
 > I spent some time searching the documentation for an explanation of 
 > the "Access_contents_information" permission but didn't find 
 > anything. I think this is vital information for any Zope admin and 
 > should be easy to find. How can I set up permissions when I can't 
 > find out exactly what permissions I'm actually granting?
While I understand your wish, it probably is not that easy.
I expect, that there was not a precise design behind the security
declarations. Instead, there were probably an initial set
of permissions, "View", "Access contents information", ...
with nothing more than the informal meaning expressed by the
english words describing the permission (not too bad...).
For me, this informal use has been sufficient so far.

When you really want to learn about all details, then you
may use a tool to find all occurrences of "Access contents information"
in the Zope sources (I work under Unix and would use "find" together
with "fgrep").
As you are convinced, that this information is vital for
Zope users, you may collect it and donate it as an appendix
to the ZDG (Zope's developper guide).

When we all behave this way, the Zope communities strength will
grow fast....


Dieter