[Zope3-dev] Re: principals vs. users
Fred L. Drake, Jr.
fdrake@acm.org
Fri, 14 Dec 2001 11:39:59 -0500
Guido van Rossum writes:
> > It may turn out that people only have one role (wear one hat) at
> > a time.
>
> Unix has one primary group but any number of extra groups. I don't
> know if this translates to Zope thoug.
I think the typical thinking in role-based access control is that a
user enables exactly one role at a time. It might be reasonable for a
person to have both sysadmin and developer roles, but they should
never be able to wear both hats at the same time!
-Fred
--
Fred L. Drake, Jr. <fdrake at acm.org>
PythonLabs at Zope Corporation