grok.require directive should use a default value of 'zope.View'
Bug #389386 reported by
Christian Theune
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
grok |
Fix Released
|
High
|
Jan Wijbrand Kolman | ||
1.0 |
Fix Released
|
High
|
Jan Wijbrand Kolman |
Bug Description
Currently the grok.require directive doesn't specify a default and causes "check_
Two unfortunate issues:
- The default generated site.zcml says to remove zope.View from the anybody principal in order to disable public access. This won't work, as zope.Public is always accessible.
- zope.Public is not a permission and can't be taken away at all.
I think, we should make zope.View the default permission set by the grok.require directive if nothing is specified.
To post a comment you must log in.
jw says this is great one for the EP sprint