Hi, I had some conversation with Tres about the SecurityPolicy implementation. I would like to clean up following problem:
The method "validate" is not very clear about when it will raise an exception and when it will return a boolean. This results in code that expects it to return a boolean, and makes conclusions about exceptions that are wrong by catching the anonymously, transforming them all (e.g. AttributeError) into Unauthorized. This shadows the real source of a problem, also the code that calls validate probably shouldn't raise Unauthorized on it's own. But there's where my problem starts: could we get it somewhat clear who should raise Unauthorized, what can be expected from validate and where should only boolean values be returned? I would like to see some discussion, wrap it up in a proposal, and deliver the code on a branch. Thanks for listening, Christian -- Christian Theune, gocept gmbh & co.kg phone: +49-3641-233526 mobile: +49-179-7808366 mail: [EMAIL PROTECTED] _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )