Comment 1 for bug 659883

James Henstridge (jamesh) wrote :

This bug is essentially a superset of bug 431203, which I marked incomplete and haven't seen any further activity on.

The rationale behind the exposed attributes is:
 1. your model code constructs a ResultSet and returns a security-proxied object to the view code.
 2. the view code treats the ResultSet as an immutable sequence/iterable and presents the data to the user.

Both set() and remove() can be used to modify the contained objects, which will bypass the security proxies on those objects.

get_select_expr() will return a Select object, which has no security declarations (and it isn't clear that any would be desirable).

find(), group_by() and having() are really used to configure result sets, so are mostly intended for use on the model side.

I could see an argument for exposing difference(), intersection() and union() as a way for view code to combine multiple results, but it isn't clear how often it makes sense to do this on the view side rather than model side.

If my analysis is wrong, please explain what it is you want to do and how the current security declarations are preventing you from doing so. Simply stating that some methods are not exposed doesn't really give enough information to respond to the bug report.
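
The bypass described above for set() and remove(), as an added example that is not part of the original comment and is not Storm or zope.security code. `Proxy`, `Account`, `Results` and the attribute lists `ACCOUNT_VIEW`, `READ_ONLY` and `TOO_WIDE` are hypothetical stand-ins for a name-based security proxy, a model object, a result set and their declarations.

```python
# Simplified stand-in for a name-based security proxy; not zope.security or Storm code.
class Forbidden(Exception):
    """Raised when an attribute is not covered by the declaration."""

class Proxy:
    """Expose only the attribute names in `allowed`; refuse every write."""
    def __init__(self, obj, allowed):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_allowed", frozenset(allowed))
    def __getattribute__(self, name):
        get = object.__getattribute__
        if name not in get(self, "_allowed"):
            raise Forbidden(name)
        return getattr(get(self, "_obj"), name)
    def __setattr__(self, name, value):
        raise Forbidden(name)

class Account:
    def __init__(self, name, balance):
        self.name, self.balance = name, balance

class Results:
    """Toy result set: first() hands out proxied rows, set() updates rows in bulk."""
    def __init__(self, rows):
        self._rows = list(rows)
    def first(self):
        return Proxy(self._rows[0], ACCOUNT_VIEW)
    def set(self, **changes):
        for row in self._rows:            # works on the raw objects: no per-row check
            for key, value in changes.items():
                setattr(row, key, value)

ACCOUNT_VIEW = {"name", "balance"}        # rows are readable by the view
READ_ONLY = {"first"}                     # declaration that withholds set()
TOO_WIDE = READ_ONLY | {"set"}            # hypothetical declaration that exposes set()

def view_attempts(allowed):
    """Report what view code can do under a given result-set declaration."""
    rows = [Account("alice", 100)]        # constructed sample data
    results = Proxy(Results(rows), allowed)
    attempts = (
        ("row_write", lambda: setattr(results.first(), "balance", 0)),
        ("bulk_write", lambda: results.set(balance=0)),
    )
    outcome = {}
    for label, action in attempts:
        try:
            action()
            outcome[label] = "allowed"
        except Forbidden:
            outcome[label] = "denied"
    return dict(outcome, balance=rows[0].balance)
```

Under `TOO_WIDE` the per-row proxy still denies the direct write, yet the balance changes, because the bulk update runs on the model side of the proxy.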