[Zope3-dev] My take on Zope3 permissions / security.

[Jim Fulton]

Lennart Regebro wrote:
> 
...
> The only difference when it comes to this is that you don't need to change
> the role to permission mappings, you change the principal to role mapping
> instead, thereby giving a principal different sets of permissions.
> To make that possible Zope3 will need a way to make people have less roles
> further down a hierarchy,

This will be achievable through "deny" statements, the exact sematics of
which are TBD. :)

Jim

--
Jim Fulton           mailto:jim@zope.com       Python Powered!        
CTO                  (888) 344-4332            http://www.python.org  
Zope Corporation     http://www.zope.com       http://www.zope.org