[Zope] Security?

[Dylan Reinhardt]

On Tue, 2003-12-02 at 10:07, Goldthwaite, Joe wrote:
> Hi Dylan,
> 
> I know I'm doing the same thing but it's something I really want to do.  I
> guess I could return the list of tuples but wouldn't I then have to refer to
> the fields by number instead of name?

You could return a dictionary... but that's not the real issue.

> I've got this nice object with named attributes and I shouldn't have to
> throw that out for security.  I tend to be a purest and have always tried
> to keep efficiency in mind when writing applications.

I'm all for efficiency.  Longer term, I'd look toward coding this up as
a product.  In the meantime, the code snip someone else offered should
do the trick.

>      I really have to get
> past that.  When I think about all the overhead a web application has to go
> through to do the same job as my old green screen application, I shiver.

It isn't necessarily *that* much more... it's still nothing compared to
a semi-trivial GUI app.  Web apps are still just text in, text out.

> 
> By the way, that return line was slick.  I didn't know Python could convert
> a item into a list in a single line like that.  You learn something new
> every day.

That's a "list comprehension," one of Python's niftier tricks. 
Definitely worth reading up on a little, they're very handy.

Dylan