-----Original Message----- From: Michel Pelletier [mailto:michel@digicool.com] Sent: Monday, December 13, 1999 8:09 AM To: 'Ross Boylan'; zope-dev@zope.org Subject: RE: [Zope-dev] Object ownership
-----Original Message----- From: Ross Boylan [mailto:RossBoylan@stanfordalumni.org] Sent: Sunday, December 12, 1999 9:22 PM To: zope-dev@zope.org Subject: [Zope-dev] Object ownership
I've been making some assumptions about how ownership works, and I'd appreciate it if anyone could tell me if they are right.
1) The owner of an object is the authenticated user when the script that creates it runs.
Correct.
2) So User objects have an owner of superuser, not themselves.
huh? My thinking here is that a user doesn't exist until after the User object (in acl_users) is created. Ordinarily, one needs to be a manager to do so. So the question is, does the manager own the User object, or does the newly created user own that object.
I realize now superuser is not necessary for this, but manager is. The setup I have is that one comes in anonymously and fills in a form. This invokes a method which has a raised privileged level (I can't now recall the exact lingo--like local roles, but I think that's for users, not methods). The method then calls the code to add the user. So there are actually 3 possible owners: the original AUTHENTICATED USER (anonymous); the heightened privilege (which might be a group--Manager--rather than a user, in which case things seem sticky); or the user which gets created. The question is which of these is the owner of the User object. Thanks for the info.