[Zope3-dev] Re: principals vs. users
Guido van Rossum
guido@python.org
Fri, 14 Dec 2001 11:30:50 -0500
[jim]
> Given that several principals can be associated with a single
> human, it might be confusing to talk about them as separate
> users.
Unix says username to disambiguate these, when that's necessary.
> It *might* be useful to actually have a concept labeled
> "user" that is a (possibly implicit) "group" of all of the
> principals associated with a particular human.
I've never heard of that, and I don't know how you would prove that
those principals really are the same person. Anyway, if you want that
concept, call it "person".
[me]
> > And another thing that came to me while writing that reply: in
> > terms of the principal <--> permission mapping, groups and roles
> > really are equivalent: both define a set of (principal,
> > permission) pairs that's the intersection of some rows and some
> > columns. Where is my thinking wrong? What is in your opinion the
> > difference between these two?
>
> I agree that, currently, roles and groups are operationally the
> same, however the intent is very different. A "role" is a
> responsibility of a principal in some place. A group is a principal
> that is an assembly of other principals.
Yes, Philip's post clarified to me the psychological difference
between groups and roles; I now agree it's important.
> There are (well, will be) some operational differences:
>
> - Roles are relative to a particular object (and sub-objects).
> Groups are not context-dependent (other than the context
> of the authentication service where they are defined).
Correct.
> - In the future, principals will be able to control what roles
> they can have at a point in time. They will be able to enable and
> disable roles much as they would put on and take off hats.
Cool. Like Unix 'newgrp' but better. :-)
> It may turn out that people only have one role (wear one hat) at
> a time.
Unix has one primary group but any number of extra groups. I don't
know if this translates to Zope though.
> This provides some significant benefits:
>
> o More focused user interfaces can be provided based on the
> current role,
That's good.
> o Risks of client-side trojan attacks will be partly mitigated.
How?
--Guido van Rossum (home page: http://www.python.org/~guido/)
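The three operational points argued over above (groups as context-free assemblies of principals, roles as responsibilities granted in a place and inherited by sub-objects, and principals enabling or disabling roles like hats) can be made concrete in a small model. The following is an added toy example written for this page; it is not Zope's security machinery and not code from either participant. The object names (`site`, `docs`, `blog`, `page`), the group `editors`, the roles `Editor` and `Reader`, and the permissions `edit` and `view` are all made up for illustration.

```python
"""Toy model of groups vs. roles as (principal, permission) sets.

Constructed example, not Zope's own security code. The object tree,
group, role and permission names below are invented for illustration.
"""
from dataclasses import dataclass, field


@dataclass
class Obj:
    """A node in the object tree. Roles granted here also apply to sub-objects."""
    name: str
    parent: "Obj | None" = None
    local_roles: dict = field(default_factory=dict)       # principal id -> set of roles
    role_permissions: dict = field(default_factory=dict)  # role -> set of permissions

    def lineage(self):
        """This object, then each ancestor up to the root."""
        node = self
        while node is not None:
            yield node
            node = node.parent


@dataclass
class AuthService:
    """Groups live here; membership does not depend on where in the tree you are."""
    members: dict = field(default_factory=dict)       # group id -> set of principal ids
    active_roles: dict = field(default_factory=dict)  # principal id -> roles worn now (absent = all)

    def groups_of(self, principal):
        return frozenset(g for g, ps in self.members.items() if principal in ps)

    def principals_for(self, principal):
        """The principal itself plus every group it belongs to (groups are principals too)."""
        return frozenset({principal}) | self.groups_of(principal)


def roles_of(auth, principal, obj):
    """Roles in effect for principal at obj: granted at obj or an ancestor,
    directly or through a group, then filtered by the hats currently worn."""
    roles = set()
    ids = auth.principals_for(principal)
    for node in obj.lineage():
        for pid in ids:
            roles |= node.local_roles.get(pid, set())
    worn = auth.active_roles.get(principal)
    if worn is not None:
        roles &= worn          # a role that is granted but not enabled does not count
    return frozenset(roles)


def permissions_of(auth, principal, obj):
    """The (principal, permission) cell for this principal in this place."""
    perms = set()
    roles = roles_of(auth, principal, obj)
    for node in obj.lineage():
        for role in roles:
            perms |= node.role_permissions.get(role, set())
    return frozenset(perms)


def build_sample():
    """Constructed sample: one group, two roles, a site with docs and blog subtrees."""
    auth = AuthService()
    auth.members["editors"] = {"alice", "bob"}
    site = Obj("site")
    site.role_permissions["Editor"] = {"edit"}
    site.role_permissions["Reader"] = {"view"}
    site.local_roles["editors"] = {"Reader"}   # the group is Reader everywhere under site
    docs = Obj("docs", site)
    docs.local_roles["editors"] = {"Editor"}   # but Editor only under docs
    page = Obj("page", docs)
    blog = Obj("blog", site)
    return auth, {"site": site, "docs": docs, "page": page, "blog": blog}


if __name__ == "__main__":
    auth, tree = build_sample()
    print(sorted(permissions_of(auth, "alice", tree["page"])))   # ['edit', 'view']
    print(sorted(permissions_of(auth, "alice", tree["blog"])))   # ['view']
    auth.active_roles["alice"] = {"Reader"}                      # take off the Editor hat
    print(sorted(permissions_of(auth, "alice", tree["page"])))   # ['view']
```

Run as a script, the model shows the distinction: alice's membership in `editors` is the same wherever she is, while the `Editor` role that membership confers exists only under `docs`, so she can `edit` a page there and only `view` the blog. Taking off the `Editor` hat removes `edit` even under `docs`, because `roles_of` intersects the granted roles with the enabled ones before any permission is computed.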