[Zope3-dev] Question: Are principals (sometimes aka users) content or meta-content?

[Jim Fulton]

Content is accessable with normal URLs. Content is of interest to
normal users and/or content managers of a site.

Meta-content exists to support the operation of a site and the
management of regular content. Meta-content is accessed and managed
by developers or managers of a site using meta-content URLs. Meta-content
URLs always include the "++etc++site" path segment.

Services are meta content.  One type of service is an authentication
service.  It provides access to principals.

Principals are objects that can be granted access.  When a
user logs in, they are associated with some number of principals.
There can be different kinds of principals, like user principals,
groups, SSL certificates and so on.  The conceptual framework is flexable,
but implementations may be simpler and less flexable. For example, the
current Zope 3 implementations don't provide any support for groups
or certificates.

I've been assuming that authentication services would directly or indirectly
contain principals and that, therefore, principals are meta-content.

OTOH, many sites treat members/users more like content.

I'd like to get a clearer concpetual model for this and would be
interested in what people think about it.

On IRC, Steve suggested that principals and "users" ("members") might be
different objects and that principals are adapted to users, where principals
are meta-content and users are content. Another way to look at this is
that, perhaps, users/members are content and principals are associated with
users. Users are content and (for some principals) you can get a user from a
principal.

I think it would be worthwhile to brainstorm this a bit here.

Thoughts?

Jim

-- 
Jim Fulton           mailto:jim@zope.com       Python Powered!
CTO                  (703) 361-1714            http://www.python.org
Zope Corporation     http://www.zope.com       http://www.zope.org