launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #04184
Re: Model security: TAL or Interfaces?
On Mon, 9 Aug 2010 17:24:16 -0400
"Francis J. Lacoste" <francis.lacoste@xxxxxxxxxxxxx> wrote:
>
> If you mean protecting the field via premission: TAL expression in
> the view while leaving the underlying model field unprotected, than
> the answer is obvious: don't do that. It means that your fields are
> public in the API.
>
> You really want to protect them via model security. Now you can
> either use an interface to split the permission or declare them as
> attributes in the ZCML. Interface works best when the list of
> attribuets grow. It makes it easier to manage.
Yeah, I used TAL when I meant ZCML... XML, po-tay-to, po-tah-to, let's
call the whole thing ugly. :)
Cheers,
Paul
Attachment:
signature.asc
Description: PGP signature
Follow ups
References