regebro at gmail
Dec 31, 2011, 4:07 PM
Post #2 of 12
On Sat, Dec 31, 2011 at 20:09, Martin Aspeli <optilude+lists [at] gmail> wrote:
> Hi folks,
> I have documented some of the darker corners of Zope's internals. I
> put it in the Plone developer documentation for lack of a better
> place, but it's not Plone-specific:
> Topics covered include startup, publication, traversal and security.
> One reason to do this, apart from morbid fascination, is to provide a
> baseline against which we can consider simplifying some of this stuff.
> For example, I'd like to consider an (opt-in) simplification of the
> publisher and traversal, probably based on a stripped-down and
> modernised repoze.zope2, which does away with some hooks and edge
> cases, but is much simpler and easier to understand. Some things we
> could consider chopping are:
> - Attribute traversal to anything other than methods at the end of
> the traversal chain (i.e. use __getitem__ traversal only)
> - Traversal to anything without explicit security declarations
> - The docstring security check
> - Maybe __bobo_traverse__ (i.e. just implement __getitem__) and
> __before_publishing_traverse__ (use a BeforeTraverseEvent instead, and
> notify this for all traversals, not just over local component sites)
> - All differences between publication and path traversal
> This is still somewhat half-baked and obviously would break things and
> require at least a new major version of Zope, but I think it's worth
> exploring at least.
+1 for all of those, as a part of the so called "Zope 4" path of developments.
Zope-Dev maillist - Zope-Dev [at] zope
** No cross posts or HTML encoding! **
(Related lists -