Rupert Redington wrote:
Dominik Huber wrote:
Rupert Redington wrote:
<adapter
for=".interfaces.ILink"
provides=".interfaces.ILinkDetails"
factory=".link.LinkDetails"
trusted="True"
/>
if you use trusted adapters you have to declare an additional class or
content directive for the adapter itself.:
<class class=".link.LinkDetails">
<require
permission="zope.View"
interface=".interfaces.ILinkDetails"
/>
<require
permission="zope.ManageContent"
set_schema=".interfaces.ILinkDetails"
/>
</class>
regards,
dominik
Thank you - thats an instafix.
I only added the "trusted" declaration to get round an earlier error in
which the adapter couldn't access the objects annotations...
Am I right in thinking that a trusted adapter isn't really necessary for
this sort of use?
I prefer the trusted adapter because they encapslulate the adapter
inside a security proxy. Then the trusted
adapter has full access to the underlying object. That simplifies the
security story very much because you handle it on the adation level. If
you use locatable and trusted adapters everything works like you would
access a regular content object.
Regular adapters do not provide an own security proxy but do wrap an
security proxied
content object. Everything coming from this security-proxied content
object will get wrapped into a security-proxy too.
Therefore your annotated object will be security-proxied. IMO it not
possible to set permissions granularly to implementations on annotations
level, because different application provide different permission
declarations.
How would one then aviod being denied access to the
annotations?
You have to specify the class-directive for the annotated object itself.
Regards,
Dominik
_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
