[Zope3-dev] RFC: Unification of requests and security contexts through Use
Steve Alexander
steve at z3u.com
Wed Jan 21 09:41:50 EST 2004

> I don't like the word 'use', as it leads to sentences involving "the use
> of the use", which are highly difficult to comprehend. This is not a
> theoretical complaint; Jim already used two such lines in a row in this thread
> already.

Other words are "Activity", "Performance", "Interaction".

> I don't understand the concept of "Actor" as differentiated from "Principal".

Ok. In a recent email, I suggest getting rid of Actor.

> In my understanding, the Principal is the external entity that is using the
> system, but apparently this is now not the case.

A principal is a representation (internal to the system) of an external
entity that is using the system.

> in practice I'm suddenly confronted with the new concepts of
> Use, Participation and Actor. Generic words that don't ring "Security" to me
> either.

Let's lose "Actor".

Security is related not just to principals, but also to what they are
trying to do. Maybe you're allowed to draw pictures, and I'm not allowed
to draw pictures, but I am allowed to watch you drawing pictures.

So, the security policy allows your principal the "draw pictures"
permission, and my principal the "watch pictures being drawn"
permission. Provided our use of the system is limited to you drawing and
me watching, we'll be allowed to do what we're trying to do.

--
Steve Alexander