[z3-five] Adaptation in untrusted code
Martin Aspeli
optilude at gmx.net
Thu Nov 16 01:17:20 CET 2006
Chris Withers wrote:
> Hi All,
>
> I need to do the following in a python script or a page template:
>
> IRender(obj).render(context)
I think you need a view. :)
Seriously, views make your life so much easier when it comes to doing
anything not completely trivial with rendering/display logic. For me, at
least, they've also made me more productive - there's some more set-up
to do to begin with, but it's way easier to write code when you're not
trying to squeeze everything into python: expressions - and compared to
adding a Script (Python) they're no more code at all (think of it as
moving the crap out of the ## comments in the headers and into ZCML).
> What I really want is to do:
>
> security.declarePublic(View,'render')
>
> ...in my adapter code. How can I go about doing this?
You can do allowed_attributes="render" and permission="zope2.View" on
the <adapter /> statement, I believe.
You're sure it's the render() bit that's failing and not the
IRender(obj) lookup that needs context it doesn't have though? Honestly,
I've never tried, it just seemed really wrong to put Zope 3 stuff into
Script (Python)'s. :)
Martin
More information about the z3-five
mailing list