Ownership changes for 2.2 beta...
Hi all -

There was a recent discussion regarding the behavior of ownership, particularly regarding the setting of ownership for move, rename and import operations. I've just finished checking in some changes to the model in alpha 1 that will be in the upcoming beta, along with the updated documentation (help system). The changes basically are:

  o Ownership information is not changed for move or rename operations.

  o Import now has a radio button so that you can elect to import objects with their existing ownership info intact.

This is in CVS now for those who are interested - I've also included the updated help text with this email for review.

updated help for ownership:

Ownership Overview

This view allows you to manage the ownership of a Zope object. All Zope objects except objects within the Control Panel support ownership. When an object is created, copied or imported in Zope, the logged-in user performing the operation becomes the owner of the resulting object(s). Note that simply moving or renaming an object does not change its ownership.

Ownership is most important for Zope objects that "execute" content supplied through the web, such as DTML Methods, DTML Documents and SQL Methods. The abilities of these executable objects are constrained by the abilities of the object's owner as well as the user causing the object to execute from a Zope security point of view. In other words, an executable cannot perform operations that its owner could not perform directly.

While most Zope objects support ownership, objects may not always have an owner assigned. Objects that do not have an assigned owner are unowned. An unowned executable object executes with the permissions of the user running the object.

There are three possible states of ownership that a Zope object may be in. The object may be unowned, it may be owned directly or it may be owned implicitly. If an object is owned directly, the ownership information is stored in the object itself.
If an object is owned implicitly, it acquires its ownership information from its container (which may in turn acquire its ownership information from its container, and so on).

When Zope automatically assigns ownership to newly created or copied objects, it tries to use implicit ownership if possible. This makes it easier to change the ownership of many objects at one time without having to visit each object directly. For example, if everything in the folder research is owned by Fred and you want to change the ownership of everything in the folder to Jim, you only need to visit the research folder and change the ownership there if all of the objects under research are owned implicitly.

Managing ownership

Clicking on the Ownership tab of a Zope object will display the id and title of the object along with the current ownership status of the object.

If the object is not owned, you will see a message like:

  Zope QuickStart Outline (QuickStart) is unowned.

If you have the Take ownership permission for the object, you will also see a button labeled Take ownership. Click the button to take ownership of the object.

If the object is owned directly, you will see a message like:

  My Folder (my_folder) is owned directly by fred (acl_users).

You will also see a button labeled Make ownership implicit (acquired). Click this button to remove the direct ownership information in the object and have the object acquire its ownership information from its container. If you have the Take ownership permission for the object, you will also see a button labeled Take ownership. Click the button to take ownership of the object.

If the object is owned implicitly, you will see a message like:

  My Folder (my_folder) is owned indirectly (through acquisition) by fred (acl_users).

You will also see a button labeled Make ownership explicit. Click this button to make the object store the ownership information that it is currently acquiring in itself directly.
After making ownership explicit, changes to the ownership information in the current object's containers will no longer affect the ownership information of the current object. If you have the Take ownership permission for the object, you will also see a button labeled Take ownership. Click the button to take ownership of the object.

Notes on Ownership

It is possible to remove a user in your Zope installation while objects that were owned by that user remain (for instance, someone in your organization moves on, so you remove his account on your Zope server). When you remove a Zope user, objects that were owned by that user still have ownership information that refers to that user. This will not cause an error, but it is important to understand what happens to Zope objects whose owners no longer exist.

This is most important for "executable" objects. Usually, the abilities of executable objects are constrained by the abilities of the object's owner as well as the user causing the object to execute. If Zope cannot find the user that the executable's ownership information refers to when it tries to execute the object, it will use the special nobody or anonymous user instead.

The nobody user has very minimal privileges, so you should take this into account when deciding what to do about a user's owned objects when you delete the user. If the user had DTML documents or other executable objects that depended upon their owner to have a higher level of privilege than the nobody user, they will not work correctly until their ownership has been reassigned to another user with sufficient privileges.

updated help for import/export:

Folder>Import/Export

This view allows you to import and export objects from the Zope database.

To export an object specify its id in the Export object id field and click the Export button.
If you choose Download to local machine, the export file will be downloaded by your browser; if you choose Save to file on server, the export file will be saved in the Zope var directory of the server on which Zope is running. If you choose XML format, the export file will be encoded as XML, otherwise it will be encoded as a binary file.

To import an object into Zope, specify the name of the import file in the Import file name field. The import file should be located in the Zope import directory of the Zope installation. Click the Import button to import the objects in the import file.

By default, you will become the owner of the objects you import. In some cases you may want to preserve the ownership information in the imported objects. To preserve the existing ownership information in the imported objects, select the retain existing ownership information option before clicking the Import button.

Note that when you elect to retain existing ownership information, the ownership information will be used exactly as it appears in the imported objects. For instance, if the object you are importing was acquiring its ownership information in the place where you exported it, it will continue to acquire its ownership information when you import it (though the actual ownership information may now be different in the context into which it is imported). Likewise, if the ownership of an object was explicit (not acquired) when it was exported, then it will be explicit after it is imported.

The important thing to note in this case is that if you export an object from another Zope site, the user who owned that object in the other site may not exist in the site you are importing the object into. Zope does not check to make sure the owner exists if you import an object that was explicitly owned.
If the explicitly named owner does not exist in the site that you are importing into, imported objects that depended on their owner having a higher level of privilege than the special nobody user may not work correctly until their ownership has been reassigned to another user with sufficient privileges. See the online help for ownership for more details.

Brian Lloyd        brian@digicool.com
Software Engineer  540.371.6909
Digital Creations  http://www.digicool.com
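
The ownership rules in the help text above, modelled as an added Python example; it is not part of the original message and is not Zope's code. The class, the function names, the permission names and the user "alice" are hypothetical, chosen to show acquired ownership, the owner/runner constraint, the nobody fallback, and an audit for objects whose owner is missing after an import or a user deletion.

```python
# Toy model of the ownership rules described in the help text (not Zope code).
NOBODY = frozenset({"view"})   # assumed: minimal rights of the nobody user
UNOWNED = "<unowned>"          # marker for an object with no owner at all


class Obj:
    """owner is a user name (direct), UNOWNED, or None (implicit/acquired)."""

    def __init__(self, oid, container=None, owner=None):
        self.id, self.container, self.owner = oid, container, owner


def resolve_owner(obj):
    """Walk up the containers until some object stores ownership directly."""
    while obj is not None:
        if obj.owner is not None:
            return obj.owner
        obj = obj.container
    return UNOWNED


def effective_permissions(obj, runner, users):
    """Permissions an executable object runs with when `runner` invokes it."""
    runner_perms = users.get(runner, NOBODY)
    owner = resolve_owner(obj)
    if owner == UNOWNED:
        return frozenset(runner_perms)       # unowned: the runner's rights only
    owner_perms = users.get(owner, NOBODY)   # owner not found -> nobody user
    return frozenset(owner_perms & runner_perms)


def orphaned(objects, users):
    """Audit: ids of objects whose resolved owner does not exist in `users`."""
    return [o.id for o in objects
            if resolve_owner(o) != UNOWNED and resolve_owner(o) not in users]


# Constructed sample data: permission names and users are made up.
USERS = {"fred": frozenset({"view", "query_db"}),
         "jim": frozenset({"view", "query_db", "manage"})}
research = Obj("research", owner="fred")                  # owned directly
report = Obj("report", container=research)                # owned implicitly
imported = Obj("imported", container=research, owner="alice")  # retained owner
print(orphaned([research, report, imported], USERS))
```

Running `orphaned()` over a folder tree after an import with retained ownership, or after deleting a user, lists the objects that would silently drop to the nobody user's privileges.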