durusmail: quixote-users: Further simplification of session code
Further simplification of session code
2002-05-17
Greg Ward
2002-05-17
Andrew Kuchling
2002-05-17
Greg Ward
2002-05-17
Andrew Kuchling
2002-05-17
Titus Brown
2002-05-17
Jonathan Corbet
2002-05-17
Greg Ward
2002-05-17
Andrew Kuchling
2002-05-17
Patrick K. O'Brien
2002-05-17
Greg Ward
2002-05-17
Titus Brown
2002-05-18
Greg Ward
2002-05-18
Titus Brown
Further simplification of session code
Titus Brown
2002-05-17
-> Yuck!  Python has a perfectly sensible mechanism to prevent related
-> classes from stepping on each other's toes: use 'self.__foo' instead of
-> 'self.foo'.  I propose that all instance attributes of Session *except
-> for* 'id' and 'user' should be made private, ie. renamed as follows:
->
->   remote_address   -> __remote_address
->   creation_time    -> __creation_time
->   access_time      -> __access_time
->   form_tokens      -> __form_tokens

[ munch ]

-> Finally, you'll note that the 'actual_user' attribute does not appear on
-> the above list.  We use this to give MEMS Exchange staff the ability to
-> impersonate other users of our web site, which is necessary for a
-> variety of unpleasant reasons.  But I really don't think it belongs in
-> Quixote's session class -- I think it's a MEMS Exchange-specific thing
-> that belongs in our custom Session subclass.  Thus, I propose removing
-> it from Quixote.  If you disagree and think that all Quixote-based web
-> sites ought to have the equivalent of Unix' real-vs-effective UIDs,
-> speak up.

[ munch ]

I've been slightly irritated at the remote_address etc. stuff, and
I don't use actual_user at all (and have worried about whether or not
I should...) so I like both of these suggestions.

cheers,
--titus
reply