[Zope-PTK] Roles, Groups, Security and Group Membership

Chris Withers chrisw@nipltd.com
Wed, 12 Jul 2000 23:01:19 +0100


"Dan L. Pierson" wrote:
> I'm not sure that this is either necessary or desireable.  

Hey, I had to start somewhere ;-)

> I'd hate
> for simple PTK users to have to set up a group hierarchy to get
> started.  

Hence if it's needed, it should happen silently until configuration is
required ;-)

> It seems to me that group membership is an attribute of a
> Member, like home folder.  

Yes, in the same sense a user has certain roles, users may be members of
certain groups. I'm not yet convinced the two are one and the same...

> The publishing logic could then look at
> this attribute (these attributes? It may not be that simple.) to
> determine whether to automatically publish something or hold for
> review.  

...or whether they have a right to view soemthing that's already there,
but yes, spot on :-)

> I.E. the problem may not be the Zope security system, it may
> be the PTK using Zope security instead of a private mechanism.

I think Zope security should cover it though rather than the PTK having
to provide it's own mechanism. As I see it, the cotnent review process
should be in the PTK, but the group security thing should be in Zope
itself...

cheers,

Chris

PS: Comments, of course, are highly encouraged...