We use Grok at work to (re)build our publishing platform. One thing Grok does that we definitely do not want is to have all views "open" by default: a view without an explicit permission is served to anyone, including anonymous users. Only when you explicitly tell Zope (through Grok) that a particular view requires a permission will Zope trigger authentication in order to authorize the request.
There are some vague plans to make this optional: a switch somewhere that you can flip to have all views closed by default.
In the meantime we thought of this quick and elegant hack: use a custom grokker that looks for view(-like) components and raises an error if the view component does not require any permission. Since this error is raised "at grok time", it effectively prevents the application from starting if it has unprotected views:
import martian
import grok
from martian.error import GrokError

class CheckRequireGrokker(martian.ClassGrokker):
    # Runs for every grok.View subclass: martian dispatches class grokkers
    # on the component's MRO, so subclasses of grok.View are covered too.
    component_class = grok.View

    def grok(self, name, factory, module_info, config, **kw):
        # get_default_permission() returns None when the class carries no
        # grok.require directive; raising GrokError aborts the grokking run.
        if not grok.util.get_default_permission(factory):
            raise GrokError(
                'This application requires %r to use the grok.require '
                'directive!' % factory, factory)
        return True
Basically, on an application level you can check all kinds of things about your components!
Update: of course, to be sure all view-like components are protected, you also need to check the XMLRPC, REST, JSON and *Form components.