[Zope3-dev] Re: principals vs. users
Guido van Rossum
guido@python.org
Fri, 14 Dec 2001 11:41:25 -0500
> I think the typical thinking in role-based access control is that a
> user enables exactly one role at a time. It might be reasonable for a
> person to have both sysadmin and developer roles, but they should
> never be able to wear both hats at the same time!
I dunno. I kind of like the fact that when I submit a timesheet for
review to myself, I can approve it without changing hats. Ditto for
publishing a document that I wrote.
--Guido van Rossum (home page: http://www.python.org/~guido/)