Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How one should check for a permission in Plone?

Looking at http://developer.plone.org on how to check for a permission the first two results are:

  • http://developer.plone.org/reference_manuals/external/plone.app.dexterity/advanced/permissions.html
  • http://docs.plone.org/4/en/develop/plone/security/permissions.html

The first one advocates for zope.security.checkPermission while the second prefers a AccessControl.getSecurityManager().checkPermission.

Looking at the setup.py of AccessControl I see that it depends on zope.security, so the later is more low-level so to say, but at the same time zope.security seems to get more attention nowadays while AccessControl seems to be more stable (regarding getting changes on it).

So, I'm wondering which is the safe and up-to-date way to check for permissions.

like image 781
gforcada Avatar asked Mar 20 '23 01:03

gforcada


1 Answers

I personally always use the checkPermission from AccessControl, but I believe under the hood both zope.security and AccessControl will be calling the same code. I've looked for this code before and I think it's actually in the C portion of the roles/permissions logic.

like image 149
adamfc Avatar answered Mar 29 '23 19:03

adamfc