[Zope3-dev] Re: a note on groups and roles

Florent Guillaume fg at nuxeo.com
Mon Dec 8 08:59:44 EST 2003 

Gosh, I should read zope3-dev more often there's so much I'm missing...

Martijn wrote:
> Groups are not principals
> -------------------------
> 
> Since a user can't be represented by multiple principals at the same
> time in my view, I have become unconvinced that groups are a kind of
> principal. Groups are a grouping of principals. Some minimal
> questions that are useful to be able to ask are:
> 
>   principal.getGroups()

Well even this first one doesn't have clear semantics. If you allow
groups of groups (and you definitely want them), does it return only the
first level of groups the principal is defined to be in, or does it do
the transitive closure ?

>   principal.isInGroup(group)

This one is clear.

>   group.isMember(principal)

I'd rather say hasMember.

> Some of these can be implemented in terms of others.
> 
> group.getPrincipals() 
> 
> is *not* a good question to always ask, as groups may be really large
> sets or group membership may be determined by other properties of
> principals (ip address or user settings or even first letter of the
> username :). This question is therefore not always answerable.

Good point. But for a large class of group definitions it's answerable
and needed.

[...]

> There's a group called 'Everybody'
> ----------------------------------
> 
> In Zope 2, everybody can typically do at least what 'Anonymous' can do. 
> In Zope 3 since anonymous is a principal this doesn't make sense. In order to
> get to the category of everybody, let's just define the group of all
> principals.
> 
> The document mentions an 'Authenticated' group, which is fine in my
> mind. :)
> 
> All principals are in the 'Authenticated' group except Anonymous.

Yes that's quite important in giving flexibility. In CPS 3 we've had for
quite some time the notion of groups (defined globally at the acl_users
level), and two special groups are the groups 'role:Authenticated' and
'role:Anonymous' which give us the possibility to treat these two
misnamed roles as principals and thus affect local roles to them.

Thus in CPS 3 all user-managed permission changes can be done by dealing
with local-roles; if a folder has to become public we just add the local
role 'Reader' to the group 'role:Anonymous'.

Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87  http://nuxeo.com  mailto:fg at nuxeo.com

More information about the Zope3-dev mailing list