[Zope3-dev] a note on groups and roles
Matt Behrens
matt@zigg.com
Fri, 22 Mar 2002 19:30:10 -0500
On Fri, Mar 22, 2002 at 06:32:09PM -0500, Jeremy Hylton wrote:
> The current Zope philosophy advocates a distinction between group and
> role that is not found in the security literature. This note argues
> that Zope's concepts of group and role both correspond to the
> traditional notion of group, and that roles are a separate and useful
> concept.
The concept of moving groups and roles as we know them now into
groups' intrigues me, to be sure; it leads me to question why groups
that are seperate from roles are indeed so badly needed in Z2. My
thought is that maybe the real problem today is that Z2's ZMI
security tab becomes very unmanageable when you start using roles
to group users, and if we had some kind of better default UI, this
could work.
And no, I don't know what that UI would be.