At 07:55 PM 9/20/00 -0600, Bill Anderson wrote:
Potentially silly question:
Any reason why a 'user folder' object has to be named 'acl_users'.
Interesting. A quick search of the Zope source turns up only 9 references to 'acl_users', found in only 4 source files. In OFS/Application.py, acl_users is the name of the default user folder. No change would be needed here to allow differently named user folders. In AccessControl/User.py, acl_users is used as the name of user folder objects in their classes, and in the constructor, code checks for an existing "acl_users" object to prevent dual-adding user folders. This could be changed to check whether __allow_groups__ has an id, and then checking whether that 'id' exists. In AccessControl/Role.py, acl_users is assumed to be the name of a user folder to be used for retrieving user names. However, there is no reason this code couldn't check for __allow_groups__ instead. In AccessControl/access.dtml, certain security options (creating user-defined roles) are suppressed if the managed object has an id of 'acl_users'. I'm not sure how to patch this one. It would probably make sense to have a class attribute for user folders which overrode a default in AccessControl.Role.RoleManager. e.g. "allowSettingUserDefinedRoles" or some such. With these straightforward (but not necessarily simple) changes, Zope could be made to support the presence of user folders with other names. If it was desired to have it support adding or renaming of user folders with other names, additional changes would be required. For example, the add form for a user folder. Personally, I think it's an intriguing idea, as I have had more than one application where I would rather have called a LoginManager by some name other than 'acl_users'. But I'm not sure it would be worth the work.