[z3-five] Re: Doing a 0.1 release?

Philipp von Weitershausen philipp at weitershausen.de
Fri Jun 25 12:39:59 MEST 2004 

Martijn Faassen wrote:
> I believe they should be renamed for the same reason as why we have
> package namespaces. Zope 2 interfaces are declared in a different
> package than the Zope 3 ones. In some ways, a Zope 2 IFolder is like a
> Zope 3 IContainer, but in other ways they're really different and when
> porting from Zope 2 to Zope 3 one should be aware of that.
> 
> For permissions this case is less strong, but permission namespaces
> exist, after all (if only as convention). You can't expect a Zope 2
> permission to be present in Zope 3, or vice versa.
> 
> There are of course permissions that seem to be "the same" across Zope 2 
> and Zope 3, like 'zope.Public' and 'zope.View'. But *most* are not. Even 
> more worrying, some permissions in the future may end up with the same 
> name as a permission in Zope 2 but be really about something else.
> 
> When porting code from one version of zope to the other, one has to 
> explicitly review the permissions. If it 'sometimes works', that is 
> actually something that might encourage people to overlook things. 
> "Sometimes works if you forget about it" is very dangerous. :)

Makes a lot of sense. I guess I didn't think about this deeply enough.

> I didn't even know redefinePermission existed; what does it do?

Well, the idea behind it is this that in a package that provides a 
number of different functionality, you really want to protect every 
piece of functionality with its own permission because you don't know 
what functionality shall be allowed to users in the target-application 
where the package is going to be used.

For example, a package lets you edit content A and content B. Instead of 
protecting both with zope.ManageContent, you protect the former with 
mypackage.EditA and the latter with mypackage.EditB. Now, I use that 
package in my application; my policy says that editing content A should 
be protected by zope.ManageContent and editing content B should be 
protected by zope.Public. So, instead of going into the package's 
configuration file, I simply do:

   <redefinePermission from="mypackage.EditA" to="zope.ManageContent" />
   <redefinePermission from="mypackage.EditB" to="zope.ManageContent" />

somewhere high-level in the ZCML execution tree.

So, come to think about it, we can remap 'zope.Public', 'zope.View' etc. 
to 'zope2.Public', 'zope2.View' etc. in a way so that Zope3 packages 
that rely on 'zope.*' permissions will work with Five.

So, +1 on the renaming to zope2.* :)

Philipp

More information about the z3-five mailing list