I personally always use the checkPermission from AccessControl, but I believe under the hood both zope.security and AccessControl will be calling the same code. I've looked for this code before and I think it's actually in the C portion of the roles/permissions logic.
How one should check for a permission in Plone?
Вопрос
Looking at http://developer.plone.org on how to check for a permission the first two results are:
- http://developer.plone.org/reference_manuals/external/plone.app.dexterity/advanced/permissions.html
- http://docs.plone.org/4/en/develop/plone/security/permissions.html
The first one advocates for zope.security.checkPermission
while the second prefers a AccessControl.getSecurityManager().checkPermission
.
Looking at the setup.py of AccessControl
I see that it depends on zope.security
, so the later is more low-level so to say, but at the same time zope.security seems to get more attention nowadays while AccessControl seems to be more stable (regarding getting changes on it).
So, I'm wondering which is the safe and up-to-date way to check for permissions.
Решение
Другие советы
I personally prefer using plone.api. See plone.api.user docu
This way you don't have to care, about the low level api. Even if it will change in the future, plone.api will fix it for you :-)