[Zope-CMF] Login troubles.

John Morton jwm@plain.co.nz
Tue, 29 Jan 2002 18:37:22 +1300


On Tuesday 29 January 2002 16:40, Tres Seaver wrote:
> > I wish there were better interfaces for changing and
> > analyzing zope's security policies and local roles :-/
>
> I actually have such a beast (for the analysis, anyway):
>
>    http://www.zope.org/Members/tseaver/ZopeSecurityAudit

I've used this before, and it's quite useful for getting a snapshot of the 
state of your site tree. Unfortunately, workflows make the permissions on 
objects very dynamic, so in order to ensure that users with some particular 
role can only access the things they should, you need to add a dimension to 
each workflow aware object for the states it can be in.

Some of the other analysis problems I've run into include things like:

  - What protected methods do the classes that my class inherits from
  provide, and what permissions are they protected by? 

  I was putting together a user profile product that I wanted to be accessible 
  only to members and discovered during testing that some of its properties
  were available to anonymous users because methods like Description() 
  are part of DublinCoreImplementation and are protected by 'View'. I ended
  up scraping my own view permission and having the workflow override the
  acquired security policy for all the permissions I think are relevant.

  - What does a given permission mean? What does it do?

  While I was playing about building the workflow for the profile product,
  I wanted to know what 'Access contents information' did, seeing as the 
  default workflows affect it. Unfortunately there's no (easily accessible)
  documentation of intent anywhere, and a simple grep of the Zope source led
  me chasing around a lot of string-to-variable, to another variable,
  assignments without shedding much light.

I suspect these problems should be easy to solve with automatic tools, but I 
haven't had the time to dig around in the security machinery to figure out 
how to write one, yet.

Out of curiosity, has anyone ever considered using classes for permissions, 
rather than strings?

John
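The first analysis problem above (which protected methods a class inherits, and under which permission) can be answered by walking the class MRO and reading the Zope 2 style `__ac_permissions__` declarations. The script below is an added example, not code from this thread or from CMF; the `DublinCoreStandIn` and `UserProfile` classes are constructed stand-ins, and only the declaration format is Zope's.

```python
# Added audit helper (not from the mailing-list thread). Zope 2 classes carry
# their security declarations in __ac_permissions__, a tuple whose entries are
# (permission, (attribute_name, ...)) or (permission, (names...), default_roles).
# Walking the MRO shows which inherited methods a product exposes, and under
# which permission, before a workflow or local role ever comes into play.

def audit_permissions(klass):
    """Map each protected attribute name to (permission, declaring class name).

    The most-derived declaration wins, so a subclass that re-protects an
    inherited method under its own permission shadows the base declaration.
    """
    result = {}
    # Walk from the most derived class toward the base classes.
    for cls in klass.__mro__:
        declared = cls.__dict__.get('__ac_permissions__', ())
        for entry in declared:
            permission, names = entry[0], entry[1]
            for name in names:
                result.setdefault(name, (permission, cls.__name__))
    return result


def inherited_under(klass, permission):
    """Names protected by `permission` that `klass` did not declare itself."""
    return sorted(
        name for name, (perm, owner) in audit_permissions(klass).items()
        if perm == permission and owner != klass.__name__
    )


class DublinCoreStandIn:
    # Constructed stand-in for a CMF Dublin Core base; 'View' guards metadata.
    __ac_permissions__ = (
        ('View', ('Title', 'Description', 'Subject')),
        ('Modify portal content', ('setTitle', 'setDescription')),
    )
    def Description(self): return 'public metadata'

class UserProfile(DublinCoreStandIn):
    # The product's own class only declares its own methods (hypothetical names).
    __ac_permissions__ = (
        ('View Profile', ('getEmail', 'getPhone')),
    )
    def getEmail(self): return 'me@example.invalid'

if __name__ == '__main__':
    for name, (perm, owner) in sorted(audit_permissions(UserProfile).items()):
        print('%-16s %-24s from %s' % (name, perm, owner))
```

Running it lists `Description`, `Subject` and `Title` as reachable under 'View' from the base class, which is exactly the kind of exposure the profile product ran into.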