In AccessControl/User.py, acl_users is used as the name of user folder objects in their classes, and in the constructor, code checks for an existing "acl_users" object to prevent dual-adding user folders. This could be changed to check whether __allow_groups__ has an id, and then checking whether that 'id' exists.
I've read through all the Zope source that uses __allow_groups__, so I think I know what it is used for.
What I can't work out is, why is this value called __allow_groups__ ?
Can anyone offer any insight?
Long ago, when the sky was dark and the earth boiled and the primordial elements of Zope were brewing, __allow_groups__ was a simple dictionary-like thing that was generally hard-coded in applications to control access (and the publisher used it directly). As the earth cooled and simple life began to emerge, the __allow_groups__ structures became manageable through the web in a relatively rudimentary way (but still looked a lot like simple dicts to the publisher). By the time the hairy mammals began walking upright and Zope assumed the general form we see today, the publisher expected __allow_groups__ to be either a dict-like object or to have a 'validate' method. In theory, it still supports the old dict behavior today. Maybe not insight, but a little history at least... 8^) Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com