launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #06979
Re: check_permission removed from security.py
On 19 April 2011 12:39, Julian Edwards <julian.edwards@xxxxxxxxxxxxx> wrote:
> Another pattern that can be used is to construct the appropriate adapter
> directly and run its checkAuthenticated() method, which is what many of the
> existing adapters already do. I think I prefer this to introducing the extra
> level of indirection in forwardCheckAuthenticated() but YMMV :)
By skipping the adapter lookup there is a small (very small?) risk
that the code may one day not use the configured security policy for
the given object. In essence it short-circuits the configuration of
security policy, and is probably a violation of DRY, though it's
hardly an egregious one. I think forwardCheckAuthenticated() should be
preferred, if only by a slight margin.
Follow ups
References