On Fri, 30 Jul 1999, Anthony Pfrunder wrote:
The second change I propose is a "Control Panel" Product which replaces the current one but acts like a User Folder. Then, you can add permissions to Products and allow users down the chain to add their own Products by creating a "Control Panel". This would also reduce Control Panel clutter as Products can be placed where they are needed. Also, you can then subclass (via Zclasses) the Control Panel to create more user friendly Add Object systems. How do you propose to solve following facts, that 1.) Installing Products are a Superuser equivalent operations as it needs filesystem access. It should be so, as Products allow arbitrary code to be executed. 2.) Products most often do install Folder Instance methods, like many of manage_* variety, but that's not a must. So in your model, this methods should be added and removed on traversal of PartControlPanel? How does this work with multiple Threads?
Finally, we need a subclassable Filesystem object. When you insert one of these it "captures" the transations and stores them in the local Again, the problem here is SECURITY. You wouldn't want to allow the non-superuser to add filesystems, as filesystem access equals to complete 100% access. (at least to the objects contained in the filesystem area, because you do have object database and could just change the security settings with a python process.) And if one would implement your propositions about Products, each user could gain access to all data, because ZOPE provides only ``cooperative'' security on Python level.
Needless to say, they don't have to be Zope fs's. You could, for example, store some properties as an OLE stream inside Word documents. Ooops, ok, when you propose to store data in Word, then you don't need to worry about security. :(
Andreas -- Andreas Kostyrka | andreas@mtg.co.at phone: +54/1/7070750 | phone: +43/676/4091256 MTG Handelsges.m.b.H. | fax: +43/1/7065299 Raiffeisenstr. 16/9 | 2320 Zwoelfaxing AUSTRIA