Hi

I could at the very least evaluate the Owner special principal
into the real owner, when I provide the __acl__ registration via the
property accessor

Most of the project is defined in a uml model and the code is being
generated. So
declaring the permissions where possible in the model means I need to use
abstractions representing things like Owner in the model

T

On Tue, Feb 16, 2010 at 7:49 AM, Tim Hoffman <zutes...@gmail.com> wrote:
> HI Tres
>
> The last thing I would love to be able to do would be to declare the
> permissions
> at the class level
>
> as in
>
> (Allow, Owner, "edit")
>
> And have a Owner a special principal like Everyone,
> that allows me to declare the permission. But only evaluates "owner"
> when the permission is checked
>
> Do you think that could work, I haven't worked out how I could
> implement that though.
>
> T
>
> On Tue, Feb 16, 2010 at 7:24 AM, Tres Seaver <tsea...@palladion.com> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Tim Hoffman wrote:
>>
>>> I was hoping to declare the local role equivalent at the class level,
>>> but following from what you said
>>>
>>> I have a class declaration for "site_manager" and persist
>>> a user/owner declaration on the object at creation time ?
>>>
>>> Then when I retrieve the entity from the app engine datastore
>>> have a __acl__ property accessor which
>>> then merges the class declaration with the persisted addition
>>> definition of ower.
>>>
>>> Does that sound like an appropriate approach?
>>
>> That sounds like it would work, yes.
>>
>>
>> Tres.
>> - --
>> ===================================================================
>> Tres Seaver          +1 540-429-0999          tsea...@palladion.com
>> Palladion Software   "Excellence by Design"    http://palladion.com
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iEYEARECAAYFAkt516wACgkQ+gerLs4ltQ4I6ACfaqLKXOodUYv8GroTYAPN3TwL
>> izQAnA1Y6ojjgLB/LgpHpTFU08LoRI0h
>> =ruoG
>> -----END PGP SIGNATURE-----
>>
>
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Reply via email to