launchpad-dev team mailing list archive

[Gary Poster <gary.poster@xxxxxxxxxxxxx>]

On Dec 21, 2010, at 1:23 PM, Henning Eggers wrote:

> Hi,
> I have been trying to figure out how adapter look-up works in Zope. Please
> consider this example:
> 
> http://paste.ubuntu.com/546342/
> 
> It turns out that the returned adapter depends on the order in which the
> interfaces are mentioned in the "implements" statement of "MyImplementation".
> QueryAdapter will always return the adapter to the first interface in the
> list, in this face "MyAdapterA".
> 
> It would be interesting to know if this behavior is intended and deterministic.

Yes.  The first is always regarded as the most important, in this and other aspects.

> 
> This has bearing on our security policy though (which is why I was trying to
> figure this out). In my case this translates as follows:
> 
> ITarget = IAuthorization
> InterfaceA = IHasCustomLanguageCodes
> InterfaceB = IProduct
> the_name = launchpad.TranslationsAdmin (the named permission)
> 
> The IAuthorization objects in security.py get registered as adapters from
> "<usedfor>" to IAuthorization, named "<permission>". With the behavior I
> identified here, it follows that the selection of the security policy depends
> on the order in which the "implement" statement of the "Product" class lists
> interfaces. In this case, the Adapter for IHasCustomLangugeCodes shadows the
> adapter for IProduct because that list is sorted alphabetically AFAICT.

I'm not familiar with anything alphabetical being involved.

> 
> I was not aware of this. Is everybody else? Is this intended? Is this good?

I think it is good for the adapter registry: it is a simple rule that can be relatively easily reasoned about, as opposed to something with more heuristics.

In this context, I've never done a thoughtful survey of Launchpad's security machinery, and don't have a concrete opinion as to its usage of the adapter machinery.  It sounds like a "Gotcha" at best, in this context.

Gary