Portal action available_expr and security restrictions
derek.richardson at gatech.edu
Mon Aug 13 02:49:05 UTC 2007
So, I need to have a portal action that queries for an adapter and gets a
utility in its available_expr. Can't do that in an expr, it seems. Tried
module['zope.component'].getUtility(...), but security error.
So, I moved the logic to a util function in my package and tried just invoking
the util function from the expr. Security error again, but now on my module, of
course, not on zope.component.
I know that I can change security settings to allow access to my module and
solve the problem. Two issues. (1) this is meant as a third-party product and I
don't know about the legitimacy of doing this. (2) more importantly, I'm aiming
at inclusion in Plone 3.5, so my package is plone.app.syndication.outbound, and
relaxing security restrictions on the plone namespace seems a bad idea.
Also, my product is really just python packages, not an old-style product, so
I'm not sure about how to create an external method or script with relaxed
I'm in over my head, here, and may not be making complete sense. Hopefully
someone can clear this up with a few sentences. ;)
More information about the Product-Developers