[Zope3-dev] Two-part permissions?

Barry A. Warsaw barry@zope.com
Fri, 14 Dec 2001 22:29:27 -0500


>>>>> "JH" == Jeremy Hylton <jeremy@zope.com> writes:

    JH> The idea is that the rights can be understood by an administrator
    JH> without having to be aware of the detailed semantics of those
    JH> operations.

Discoverability is IMO going to be an important part of any Zope3
security framework.  As an admin I'd like to be able to get answers to
the following questions:

- What knobs do I have to turn to allow Person A to perform Action Z?

- If I enable Permission P to Person A so that they can perform Action
  Z, what other actions does this allow that person to perform?

As an example, working with SF I find it quite difficult to answer
these two questions so I often start twiddling knobs until the person
can do what we want to let him do, and then we rely on the honor
system so that they won't do whatever else that opens up.  Not a very
confidence-inspiring security framework.

-Barry