Lennart Regebro wrote:
...
I any case: There are a lot of permissions in a Zope system. When adding some more products, you get even more permissions.
I think we'll address this in two ways in Zope 3: - We'll make it possble to build sites with few permissions by putting permission definition under the site manager's control. Many sites would be better served by course-grained permissions. - For sites that need fine-grained permissions, we'll provide a mechanism for grouping permissions in the UI. See for example: http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/GroupingPer...
Roles are a grouping of permissions,
Somehow, I really don't like describing roles this way. Roles are principal responsibilities. Principal responsibilities require certain permissions.
and is neccessary to make the permission system mangeable. If you each time you need to locally change the permission settings for a group of a person have to wade through 30-40 permissions and remember exactly what each of them does, you will only end up with giving most people the rights to do almost everything.
Yup.
The only problem with the Roles system is that people over and over again mistake it for usergroups, since they are expecting usergroups. This can be fixed by having some type of usergroups in addition to the roles. Then people won't think roles are usergroups, read the documentation and see the light. Besides, some type of user grouping is necessary.
I agree.
Also, the Anonymous and Authorized roles should be removed, because these
I think you meant "Authenticated"?
are not proper roles, and may add to the confusion of roles and groups.
Hm, from a conceptual point of view, this is a very good point.
Anonymous should be a built-in and non-removable principal.
It is a group that includes all other principals.
If it helps to clear up the roles concept, maybe some other roles like "Author", "Viewer" or "Member" should be created by default. But "Authorized" is a state, not a role.
Perhaps it should be viewed as a group that all principals with any credentials are in. Perhaps it's just a concept that should be left to specific authentication services.
FWIW, relatedly, I don't understand the use of the term "principal" instead of "user" for the "entity with credentials" in Zope 3.
Neither do I.
Really? Even after reading: http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/SecurityFra... Jim -- Jim Fulton mailto:jim@zope.com Python Powered! CTO (888) 344-4332 http://www.python.org Zope Corporation http://www.zope.com http://www.zope.org