[Zope3-dev] Initial thoughts on the Zope3 security framework
Jeremy Hylton
jeremy@zope.com
Thu, 13 Dec 2001 17:57:55 -0500 (EST)
>>>>> "GvR" == Guido van Rossum <guido@python.org> writes:
GvR> Jim & Tres called out in unison: "No, they're not the same.
GvR> We'll add groups some day."
It would be helpful, then, to define the terms. I can't find a
definition of "role" in the security proposal. There are a bunch of
interfaces and methods that have the word "role" in them, but it's all
too abstract for me to intuit any specific meaning :-).
I think the following terms ought to be defined precisely:
- principal
- role
- permission
(- group) ?
An example or two would also help.
Is a role just a bag that collects permissions?
Jeremy