[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Users and Security

webmaster@zope.org webmaster@zope.org
Tue, 15 Oct 2002 05:37:00 -0400

A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/Security.stx#3-32


      This security pattern is called *delegation*, and is very common
      in Zope applications. By delegating different areas of your Zope site to
      different users, you can take the burden of site administration
      off of a small group of managers and spread that burden around
      to different specific groups of users.
      Later in the chapter we'll look at other security patterns.

        % Anonymous User - June 4, 2002 12:45 pm:
         I think it may be valuable to point out at this step how a user actually would get to manage his subfolder. I.e.
         http://machine.com:8080/MyFolder/manage if he is a manager in the MyFolder folder.

        % Anonymous User - Aug. 23, 2002 6:42 am:
         This was the point I am looking for. After creating an User in an sub folder I was not able to login, since
         the user has no root access.
         Now it works, thanks. It also works if I call manage if the folder is redirected via Apache.

        % Anonymous User - Oct. 15, 2002 5:36 am:
         it is important to relate the above to the use that Zope makes of paths.
         Consider this situation

         where view.py is a Python script which shows some restricted informations
         (such as ownership of the objects). When the user access the URL
         what security settings are taken into account?
         the settings for the file /data/a_file or the settings for /view.py?