[z3-five] Adaptation in untrusted code
Chris Withers
chris at simplistix.co.uk
Wed Nov 15 12:59:56 CET 2006
Hi All,
I need to do the following in a python script or a page template:
IRender(obj).render(context)
So, I've sacrificed the following chickens:
- allow_module(MyProduct.interfaces)
(which is where IRender comes from, so I can import it)
- security.declarePublic('render') for the render method of my adapter.
The latter makes me uneasy. It's needed because the adapter is created
without any acquisition context and so Zope 2's security machinery
thinks the current user is defined outside of the context of the object
being accessed.
What I really want is to do:
security.declarePublic(View,'render')
...in my adapter code. How can I go about doing this?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the z3-five
mailing list