Loginmanager/guf the right way to go?
Wouldn't it be better to improve Zope's built in authentication system to support more generalized membership systems? Rather than building these separate loginmanager/user folder things? That way roles and permissions could be integrated easily. And auto-account generation could be possible: 0. let anonymous people fill in the account gen form.. 1. send out the email with pre-generated password 2. build default folder/prefs/whatever 3. let the user login and see whatever the role supports... plus their personal stuff. I guess the main problem is the "plus their personal stuff" thing. How hard would it be to make a new private vs. public layer. It seems this would start to sound like unix permissions... 'doomed to repeat' et all. As I understand it, currently there isn't any private stuff for people in the same role? This seems like it might be useful for major sites... and yes... one day... when zope rules the world... there will be 'major sites' and people will have their own folders and all will be good. ...IMHO, comments please. Regards, Alex. 1010011010101001101010100110101010011010 0 Digital Garage 1 Alexander Schonfeld 0 alex@garage.co.jp - pear - 03-5454-7219 1 http://www.zope.ne.jp/
----- Original Message ----- From: "Alexander Schonfeld" <alex@garage.co.jp> To: <zope-dev@zope.org> Sent: Tuesday, May 16, 2000 11:43 PM Subject: [Zope-dev] Loginmanager/guf the right way to go?
Wouldn't it be better to improve Zope's built in authentication system to support more generalized membership systems? Rather than building these separate loginmanager/user folder things?
Since Zope is really a very flexible framework, there isn't much of a "built in vs. separate" dichotomy. LoginManager is designed to be the generalized membership system. And it's *very* generalized... users can be stored in the ZODB, SQL database, an LDAP database, /etc/passwd (or any combination!), and can have propertysheets and attributes pulled from ZODB, SQL, filesystem, or whatever. As I understand it, that functionality is there right now, but some of the user-friendly management interfaces aren't there yet, and no one has yet implemented SQL UserSources with it.
That way roles and permissions could be integrated easily. And auto-account generation could be possible: 0. let anonymous people fill in the account gen form.. 1. send out the email with pre-generated password 2. build default folder/prefs/whatever 3. let the user login and see whatever the role supports... plus their personal stuff.
A bit of this exists today in the PTK (which uses an older version of LoginManager).
I guess the main problem is the "plus their personal stuff" thing. How hard would it be to make a new private vs. public layer. It seems this would start to sound like unix permissions... 'doomed to repeat' et all.
Zope's permissions are quite flexible. If there is something that only the user should see, you can just grant permissions for that object only for the Owner role.
As I understand it, currently there isn't any private stuff for people in the same role? This seems like it might be useful for major sites... and yes... one day... when zope rules the world... there will be 'major sites' and people will have their own folders and all will be good.
Since the creation of the Owner role, you can have private stuff for people. The user creates the object and is given the "local role" of "Owner" for the object. If the Owner is the only one with permission to view the object, then that object is private. Membership is not yet to the point where you just plug it in and it works, but things are moving along a path that will give Zope a very, very flexible membership system. Which is a great thing at this stage, because everyone will have different requirements. Kevin
participants (2)
-
Alexander Schonfeld -
Kevin Dangoor