"Phillip J. Eby" wrote:
At 07:55 PM 9/20/00 -0600, Bill Anderson wrote:
Potentially silly question:
Any reason why a 'user folder' object has to be named 'acl_users'.
Interesting. A quick search of the Zope source turns up only 9 references to 'acl_users', found in only 4 source files.
<dtml-snip brevity>
Personally, I think it's an intriguing idea, as I have had more than one application where I would rather have called a LoginManager by some name other than 'acl_users'. But I'm not sure it would be worth the work.
One of the ideas I am kicking around is that of CommunityMembershipSystem. In Membership-CMS, a user folder owuld need to be made, to house the user's objects. Now, there are a few ways of doing this...here are two: 1) Have the install method add a folder to do this with 2) Have the objects stored in the user object. Both have their ups and downs. For example, (2) would not deperate UID from URL's too cleanly; though it would be easier to implement in short order. Meanwhile, (1) requires the install method be given more information (where to put the folder?), and could be trickier to debug. In (2), the url to the member's folder would be "/Members/username" instead of /acl_users/username", provided the userfolder could be named something else. I don't see a reason off hand for a UserFolder to be renamable. Another reason I have considered it, is that it lends a _weak_ amount of security-through-obscurity. For example, if you see the following in a URL ".../acl_users/loginForm", you know that the site is running Zope, and where the authorization takes place. I dunno if I like it being _that_ obvious. -- E PLURIBUS LINUX