[Zope3-dev] Two-part permissions?

Chris Withers chrisw@nipltd.com
Sat, 15 Dec 2001 10:41:07 +0000


"Barry A. Warsaw" wrote:
> 
> Discoverability is IMO going to be an important part of any Zope3
> security framework.  As an admin I'd like to be able to get answers to
> the following questions:
> 
> - What knobs do I have to turn to allow Person A to perform Action Z?
> 
> - If I enable Permission P to Person A so that they can perform Action
>   Z, what other actions does this allow that person to perform?
> 
> As an example, working with SF I find it quite difficult to answer
> these two questions so I often start twiddling knobs until the person
> can do what we want to let him do, and then we rely on the honor
> system so that they won't do whatever else that opens up.  Not a very
> confidence inspiring security framework.

Well, as your example demonstrates, I think it's a bit more general than that.

My experience is that the level of caring is dependent on the level of trust in
the principal, and you either:

- Only trust someone to read information
- Trust someone to edit and add information
- Trust someone to configure the system and/or write code

Now, if you make those placeful, I think we've got all of Barry's bases covered.

What have I missed?

cheers,

Chris
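Added illustration of the two ideas in the thread (my own example, not code from the post or from Zope): a three-rung ladder of trust (read < edit < configure) granted "placefully" on a containment tree and inherited by everything below, plus the two discoverability queries Barry asks for. The action-to-rung mapping, the sample site, the principal names and the rule that grants only accumulate (no denials anywhere on the path) are assumptions made for the example.

```python
from __future__ import annotations
from dataclasses import dataclass, field

LEVELS = ("read", "edit", "configure")          # increasing trust
RANK = {name: i for i, name in enumerate(LEVELS)}

# Constructed mapping: each action and the lowest rung that allows it.
# A rung implies every rung below it, so "edit" also allows "view".
ACTION_LEVEL = {
    "view": "read",
    "change": "edit",
    "add": "edit",
    "set_properties": "configure",
    "write_code": "configure",
}


@dataclass
class Place:
    """A node of the containment tree. `grants` maps principal -> rung."""
    name: str
    parent: Place | None = None
    children: list[Place] = field(default_factory=list)
    grants: dict[str, str] = field(default_factory=dict)

    def add(self, name: str) -> Place:
        child = Place(name, parent=self)
        self.children.append(child)
        return child

    def path(self) -> list[Place]:
        """Ancestors from the root down to and including this place."""
        node, out = self, []
        while node is not None:
            out.append(node)
            node = node.parent
        return out[::-1]


def subtree(place: Place):
    yield place
    for child in place.children:
        yield from subtree(child)


def effective_level(place: Place, principal: str, extra=None) -> str | None:
    """Highest rung granted to `principal` here or at any ancestor.
    Assumption: grants only add (no denials), so the maximum on the path wins.
    `extra` is an optional (Place, rung) grant evaluated hypothetically."""
    best = None
    for node in place.path():
        candidates = [node.grants.get(principal)]
        if extra is not None and node is extra[0]:
            candidates.append(extra[1])
        for lvl in candidates:
            if lvl is not None and (best is None or RANK[lvl] > RANK[best]):
                best = lvl
    return best


def may(place: Place, principal: str, action: str, extra=None) -> bool:
    lvl = effective_level(place, principal, extra)
    return lvl is not None and RANK[lvl] >= RANK[ACTION_LEVEL[action]]


def knobs_for(place: Place, principal: str, action: str) -> list[tuple[str, str]]:
    """Barry's first question: which single grant lets `principal` do `action` here?
    Empty if already allowed; otherwise (place, rung) pairs, narrowest scope first."""
    if may(place, principal, action):
        return []
    need = ACTION_LEVEL[action]
    return [(node.name, need) for node in reversed(place.path())]


def side_effects(place: Place, principal: str, level: str) -> dict[str, set[str]]:
    """Barry's second question: granting `level` at `place` newly allows which
    actions, and where? Covers `place` and every descendant that inherits it."""
    grant = (place, level)
    out = {}
    for node in subtree(place):
        new = {a for a in ACTION_LEVEL
               if may(node, principal, a, grant) and not may(node, principal, a)}
        if new:
            out[node.name] = new
    return out


# Constructed sample site: site/docs/manual and site/code.
site = Place("site")
docs = site.add("docs")
manual = docs.add("manual")
code = site.add("code")
site.grants["alice"] = "read"   # alice may read everything
docs.grants["bob"] = "edit"     # bob may edit docs and below, nothing else

if __name__ == "__main__":
    print(knobs_for(code, "bob", "change"))      # [('code', 'edit'), ('site', 'edit')]
    print(side_effects(docs, "alice", "edit"))   # {'docs': {...}, 'manual': {...}}
```

`knobs_for` lists the narrowest grant first because the root-level option widens bob's reach to the whole site; `side_effects` shows exactly that widening, which is the part of Barry's second question that the "twiddle knobs and rely on the honour system" approach leaves unanswered.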