[Zope3-dev] Store information to principals

Florian Lindner mailinglists at xgm.de
Sat Aug 21 11:40:07 EDT 2004 

Am Samstag, 21. August 2004 16:05 schrieben Sie:
> On Aug 21, 2004, at 9:27 AM, Florian Lindner wrote:
> > Am Samstag, 21. August 2004 08:21 schrieben Sie:
> >> On Aug 19, 2004, at 12:36 PM, Florian Lindner wrote:
> >>> Hello,
> >>> I want to store further information to principals, like email or
> >>> homepage.
> >>> How can I achieve this in the best way?
> >>
> >> using the principal annotation service
> >
> > Ok, thats what I thought.
> >
> >>> Can it be done through a web interface?
> >>
> >> you'd have to make one, zope3 is very much python developer oriented
> >> at
> >> this stage.
> >
> > Ok.
> >
> >>>  What is the PrincipalAnnotation
> >>> Utility doing?
> >>
> >> its storing annotations ( transparent property bags) in a
> >> service/utility (the distinction between the two, imho was always
> >> weak.) keyed by the principal id. via the annotations/property bag you
> >> can store arbitrary persistent properties on the annotation like
> >> homepage.

Ok, that's exactly what I want to. Is there any detailed introduction around 
to the PrincipalAnnotation Service in the Internet.

> >>> Or do I need to create a new principal object? (subclass of
> >>> zope.app.services.pluggableauth.SimplePrincipal?)
> >>
> >> if you have specialized needs beyond the attribute storage covered
> >> above maybe.
> >>
> >>> At a later point a principal should be able to create user groups
> >>> (groups of
> >>> other principals). How would you do that?
> >>
> >> give them the appropriate permissions.
> >
> > I don't really understand how want to do that with permission. Can you
> > explain
> > a little detailed?
>
> the zope3 security model is similiar to zope2 afaics, principals map to
> roles, and roles map to permissions. permissions guard access to
> attributes, including those to create other principals (although from
> the code it looks like you can grant principals permissions directly
> but its not exposed through the ui) . so if you setup a principal auth
> service, and a principal source within it you can then add new
> principals ttw. then to selectively give the ability to create
> principals to to others users you would grant them the appropriate role
> with the appropriate permission (for example "Manage Principals").

I think you misunderstood me. I didn't meant the creation of new principals 
but only to collect principals in groups.
Every user and create a arbitrary number of groups containing other 
principals. Something like a ICQ user can create user groups. The prinicipals 
in the user groups shouldn't be real users, only pointers to real users.

> >>> I'm not expecting complete implementations here (altough I'd be happy
> >>> about
> >>> it) but I need some information to start (like what Interfaces to
> >>> subclass
> >>> and implement).
> >>
> >> untested, but something along the lines of the following might
> >> suffice.
> >>
> >> from zope.app import zapi
> >> from persistence.dict import PersistentDict
> >>
> >> app_namespace = "http://my.example.com/principal_properties"
> >> app_homepage_key = "homepage"
> >>
> >> # some class method, where self is context wrapped
> >>
> >> def store_homepage( self, principal, homepage ):
> >>      annotation_service =
> >> zapi.getService(zapi.servicenames.PrincipalAnnotation, self)
> >>      annotations = annotation_service( principal.id )
> >>      app_annotations =  annotations.setdefault(  app_namespace,
> >> PersistentDict)
> >>      app_annotations[ app_homepage_key ] = homepage
> >
> > What type is zapi.getService returning? I have't found in the apidoc.
> > Is it a
> > zope.app.principalannotation.interfaces.IPrincipalAnnotationService?
>
> yes
>
> > What is type annotations?
>
> its a mapping.
>
> > How do I need to register this component with ZCML?
>
> the annotation stuff is built in, afaics.

But where to put this piece of code? And how to tell Zope where I've put it?

> > How to create a Webinterface for the ZMI to change the annotations?
> > With
> > schema like ContentObjects?
>
> i dunno..  i suppose it would depend on the application.. perhaps just
> map some views onto a containment based principal source and its
> principals.

Thanks for your help....
I hope I'm not acting to stupid....  ;-)
Florian

More information about the Zope3-dev mailing list