https://stackoverflow.com/questions/22760485
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianI personally always use the checkPermission from AccessControl, but I believe under the hood both zope.security and AccessControl will be calling the same code. I've looked for this code before and I think it's actually in the C portion of the roles/permissions logic.
How one should check for a permission in Plone?
Question
Looking at http://developer.plone.org on how to check for a permission the first two results are:
- http://developer.plone.org/reference_manuals/external/plone.app.dexterity/advanced/permissions.html
- http://docs.plone.org/4/en/develop/plone/security/permissions.html
The first one advocates for zope.security.checkPermission while the second prefers a AccessControl.getSecurityManager().checkPermission.
Looking at the setup.py of AccessControl I see that it depends on zope.security, so the later is more low-level so to say, but at the same time zope.security seems to get more attention nowadays while AccessControl seems to be more stable (regarding getting changes on it).
So, I'm wondering which is the safe and up-to-date way to check for permissions.
Solution
OTHER TIPS
I personally prefer using plone.api. See plone.api.user docu
This way you don't have to care, about the low level api. Even if it will change in the future, plone.api will fix it for you :-)
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
