Most Powerful Open Source ERP

Guideline Python Class Method Should Have Security Declaration

Don't forget security declaration on class methods.
  • Last Update:2017-04-05
  • Version:001
  • Language:en

Python Class Method Should Have Security Declaration

When writing a class from product that will be stored in ZODB, don't forget to declare appropriate security for methods. Usually you will use "Access contents informations" (for example here) to allow the user getting information from the object, or "Modify portal content" to allow the user modifying the object. For more information you can refer to Security chapter in the zope developer's guide, in the zope book or ERP5 5A Security Model.

The way to access content information is shown for example in the PasswordTool.py.

Good Example:

Bad Example: