[z3-five] Re: Security and Five

Philipp von Weitershausen philipp at weitershausen.de
Mon Jun 21 12:30:23 MEST 2004 

Martijn Faassen wrote:
>> As far as security is concerned, I think we are good enough to
>> go. There are more features on zope2 security, like setDefaultAccess
>> and declareObjectProtected, but I think we shouldn't go there. Most
>> people don't even know those exist, and they don't have counterparts
>> in z3. Even declarePrivate doesn't have a counterpart in z3. *wink*
> 
> We should make sure that everything that we *don't* explicitly set in 
> ZCML is actually forbidden. I don't know what Zope 3 does if you supply 
> a page and don't set a permission; the permission attribute is not 
> required. I imagine it falls back to some default permission in that case.

Nope, it doesn't. We just discovered a "bug" in the metadirective 
interfaces. 'permission' *is* required on all browser:page[s] 
directives, probably also for zope:view and browser:view. I will fix 
this in Zope3 tonight.

>> I would suggest to
>> move some files around, to make the package a bit more consistent. (eg:
>> fiveconfigure.py to handlers/five.py, fivedirectives to
>> directives/five.py, and so on)
> 
> It was consistent until you started to introduce the subpackages. :) 
> Zope 3 doesn't define sub packages to separate out this code; modules 
> are good enough there. So, I'll turn the question around on you. :) Why 
> do you think it should be different for Five?

I agree; also, we might want to get rid of metadirectives.py and import 
from zope.app.component etc. directly. I think having well-defined and 
limited dependencies to zope.app packages is not only ok but preferrabl 
since we don't want to reimplement everything ourselves, especially not 
interfaces!

Now that I've discovered the bug in Zope3, i think it would be even more 
important to rely on Z3. Otherwise I'd now have to fix the bug in Five 
as well. Would anyone object using imports from zope.app....?

> I was happy to see Philipp define a bunch of permissions. On the naming 
> of the permissions, I think we should not use 'zope' but 'zope2' as a 
> prefix in Five, as this makes it easy to avoid accidental name clashes 
> with permissions that are truly Zope 3 native. This is important when 
> porting code back and forth; something needs to change anyway and it's 
> good to make it not work 'accidentally'. Is there anything in the system 
> now that depends on the prefix being zope instead of zope2?

I don't think so. I don't feel strongly about it the prefix, so 'zope2' 
would be fine with me.

Philipp

More information about the z3-five mailing list