Dieter Maurer wrote:
bruno modulix wrote at 2005-9-29 13:20 +0200:
...
The problem here is that CPS (the portal and all CPMs are CPS instances) uses predefined roles, on which the various workflows relies, so that would mean renaming all roles - differently - on each CPM, and modifying the workflows too.
I think that is would only be necessary that the roles are disjoint between "Portal" and "CPM". All "CPM"s can use the same roles.
Nope. Some users may have different roles from CPM to CPM.
I did not say that the "user to role" mapping should (or even must) be identical in all CPMs but that the *set* of roles *might* be identical in all CPMs -- or to say it differently: that you are not forced to use disjoint role sets for any pair of CPMs.
Hopefully, you see the difference...
Dieter, I didn't misunderstood your proposed solution. But some users exist in different CPMs with different roles in each CPM. So - unless I'm totally at lost with how Zope's security works - if User1 has role RoleWithMuchPrivileges in Cpm1 and role RoleWithFewPrivileges in Cpm2, he could gain RoleWithMuchPrivileges in Cpm2 just by using faked url cpm1/cpm2/whatever_he_should_not_access_here. Worse, anyone existing in any CPM could gain access to any other CPM just by faking url. See, it's not only a 'portal roles' vs 'CPMs roles' problem, it's a 'siblings CPS instances in the same Zope container with a same domain name' problem. Playing with roles and permissions aquisition settings and whatever is not the solution here IMHO. Detecting and correcting 'faked' urls would be simpler and better - and that's somehow the solution I applyed - even if in a somewhat hackish way. BTW I'm still looking for a "hands on" doc on traversal hooks, if there's such a thing... -- Bruno Desthuilliers Développeur bruno@modulix.org