[Zope3-dev] Re: a note on groups and roles
Tres Seaver
tseaver@zope.com
Mon, 25 Mar 2002 10:29:56 -0500 (EST)
On Mon, 25 Mar 2002, Phillip J. Eby wrote:
> At 10:06 PM 3/24/02 +0000, Florent Guillaume wrote:
>
> > - Roles are really groups of permissions.
>
> No, they aren't.
>
> A role is an application-domain relationship between a user and an
> application--domain object, which *implies* a set of permissions.
"No reductionists need apply." :)
> IMHO they are a critical, and *non-optional* feature of the Zope security
> model.
+1
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.org