On 3 September 2010 17:03, Laurence Rowe <l...@lrowe.co.uk> wrote: > A few more points: > > Security > -------- > > The current AccessControl security model has served us well. While > some simplification may be possible by dropping unused legacy > features, no major changes to functionality should be expected. > Porting to Python 3 will be the obvious time to make any > simplifications.
I agree that the model is good. However, I've spent more time with a pdb deep into AccessControl than I'd care to think about. The code is quite obscure and difficult to debug, even with "verbose security". I think we need to clean the code up and document it properly. How many people know how the various permission attributes work, for example? Martin _______________________________________________ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team