[Zope] Zope concepts

Luis Cortes lcortes@pollak.com
Tue, 23 May 2000 08:47:06 -0600


On Tue, 23 May 2000, you wrote:
>> 
>> Hi all,
>>  
>> This is a conceptual rather than technical question....
>>  
>> I intend to build an intranet with zope...though it's not as simple as
>> that...I'd like 90% of the site to be password protected (giving access
>> to members of my company)...do I use acl_users for this?

Yes.  You might also create a ROLE called "CompanyMembers"

>>  
>> I'd also like parts of the site to be accessible (and maybe manageable
>> albeit minimally) by clients....Do I have to create a second user/access
>> model for this or can I use the acl_users to do this for me too.
>>  
You can use ACL_USERS for this too.  Maybe another role for clients might be
necessary try "Clients" if they have different rights than the Anonymous user.

>> I'm having problems 
>>     a. Making the acl_user stuff work...I can either login as admin or
>> not all. 

You can create as many users and roles as you like.  for example, lets say that
we have the normal roles owner, manager, anonymous and the 2 new ones, Clients,
and CompanyMembers.  If you want you can create different access rights for
each and every group on each and every object in your database ( overkill ). 
What normally happens is that people put their objects into different folder
objects and set the permissions on the folders as to who (which group) can
access them.
	Now, when you create a new user, you can assign them to the appropriate
group (or groups).  Remember that permissions are set by group not user - this
is why you really need to assign the person to a group, otherwise he is
considered an anonymous user.


The question here is: did you know that you can create your own roles?  and
once that you have created your own roles, remember to remove acquistion from
the folders that are different  ( permission wise ) from the parent.

>>     and b. Getting to grips with the concept of the user/privs/access
>> model in acl_users
>>  
>> So the question is this...do I/can I use acl_users to manage all my
>> authentication requirements, only allowing certain clients to view
>> certain areas of the site...allowing company members to edit and view
>> all of the site etc..if so then I'll slog on experimenting with the
>> acl_users stuff...
>>  
>> thanks
>>  
>> tom
>> 

----------------------------------------
Content-Type: text/html; name="unnamed"
Content-Transfer-Encoding: quoted-printable
Content-Description: 
----------------------------------------

Hope this helps,
Luis.