Authenticated Users and lots of folders
Hi all, I need the Zen of the list here, before I go off and implement something weird wild and wacky. I have a lot of authenticated users (1200 staff, 14000 students). The staff are associated with a department. There are 85 departments, each with a code (eg 1550 = Medical Faculty) I want all authenticated staff to be able to add entries to a database. I want some staff to be able to act as 'Editors', that is, allow the database entries to be displayed. Thing is I *don't* want staff from dept 'a' to be able to act as editors for dept 'b'. We currently use UserDB to do our cookie based authentication. My first thought was to create 85 folders, with ids '1550', '1099' etc and install a UserDB into each one of them. Each one of the folders has a property 'dept', that is the value of the dept code (eg 1550). I then do a ZSQL query something like Select username, password, roles, domains from password, dept_code from departments where username = <dtml-sqlvar username type=string> and dept_code = <dtml-sqlvar dept type=string> Does this sound sensible to people? Does anyone have a better idea! :) (please don't say I need to use CMF - I'm tracking that list, but I can't figure out how to extract the various parts of CMF (reviewers etc) to use in my situation). TIA Tone -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope
Tony, Heres an approach. You say you have 85 departments and 1200 staff. Therefore, you'll have something like 85 categories or codes that will apply to something like 1200 users. Why not setup a database (Gadfly would do?) with a table called something like userDepts It could have these fields: UserID Dept Desc? You would manually add one record for all 1200 or so staff and enter stuff like: userID = the users logon ID Dept = 1550 Desc = 'Medical Faculty" Now, when your ready to do an Inquiry filtered to the current user you could do something like: (bad pseudo code follows) 1) <dtml-in "zSqlForTheTableAbove(userID=AUTHENICATED_USER.getUserName())"> <dtml-call "REQUEST.set('userDept',dept)"> </dtml-in> 2) Make the zSQL call you described below now that the users "dept" is pushed into REQUEST David Tony McDonald wrote:
Hi all, I need the Zen of the list here, before I go off and implement something weird wild and wacky.
I have a lot of authenticated users (1200 staff, 14000 students). The staff are associated with a department. There are 85 departments, each with a code (eg 1550 = Medical Faculty) I want all authenticated staff to be able to add entries to a database. I want some staff to be able to act as 'Editors', that is, allow the database entries to be displayed.
Thing is I *don't* want staff from dept 'a' to be able to act as editors for dept 'b'.
We currently use UserDB to do our cookie based authentication.
My first thought was to create 85 folders, with ids '1550', '1099' etc and install a UserDB into each one of them. Each one of the folders has a property 'dept', that is the value of the dept code (eg 1550). I then do a ZSQL query something like
Select username, password, roles, domains from password, dept_code from departments where username = <dtml-sqlvar username type=string> and dept_code = <dtml-sqlvar dept type=string>
Does this sound sensible to people? Does anyone have a better idea! :)
(please don't say I need to use CMF - I'm tracking that list, but I can't figure out how to extract the various parts of CMF (reviewers etc) to use in my situation). TIA Tone -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope
Hi Tony, I do not grasp all the details of what you would like to achieve. I manage a small educational site with different departments and using basic authentication I created a userfolder in each department folder. However people, and especially students, travel a lot betweeen departments and teachers participate in courses of several departments. Therefore I am thinking (only thinking because I still have no clear view of how to achieve this) of collecting the users of all departments into one userfolder and giving users local roles in department folders according to the data on their department membership in a (external) relational database. Cornelis J. de Brabander ========================================== Department of Education, Leiden University P.O.Box 9555, NL-2300 RB Leiden +31 71 527 3422/3401 brabander@fsw.leidenuniv.nl ==========================================
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Tony McDonald Sent: woensdag 30 mei 2001 8:09 To: Zope mailing list Subject: [Zope] Authenticated Users and lots of folders
Hi all, I need the Zen of the list here, before I go off and implement something weird wild and wacky.
I have a lot of authenticated users (1200 staff, 14000 students). The staff are associated with a department. There are 85 departments, each with a code (eg 1550 = Medical Faculty) I want all authenticated staff to be able to add entries to a database. I want some staff to be able to act as 'Editors', that is, allow the database entries to be displayed.
Thing is I *don't* want staff from dept 'a' to be able to act as editors for dept 'b'.
We currently use UserDB to do our cookie based authentication.
My first thought was to create 85 folders, with ids '1550', '1099' etc and install a UserDB into each one of them. Each one of the folders has a property 'dept', that is the value of the dept code (eg 1550). I then do a ZSQL query something like
Select username, password, roles, domains from password, dept_code from departments where username = <dtml-sqlvar username type=string> and dept_code = <dtml-sqlvar dept type=string>
Does this sound sensible to people? Does anyone have a better idea! :)
(please don't say I need to use CMF - I'm tracking that list, but I can't figure out how to extract the various parts of CMF (reviewers etc) to use in my situation). TIA Tone -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Tone, Knowing something of how you do things in Newcastle, I'd hazard a guess that these 1200 users etc are already in a corporate DB, yes? If so then the easy way is to create the folders as you suggest, then create an external method which does selects on the db and sets local roles on the folders as you need them. Something along the lines of (untested): def setLocalRoles(self, deptid=None): res=self.theSelectQueryForDepts(deptid) theFolderWeWant=getattr(self,deptid,None) for r in res: theFolderWeWant.manage_setLocalRoles(r[0],['Manager']) The critical lines are the all the ones in the above procedure ;) But basically setting the local roles will give the people found local management rights, or you could create another role and give them that. The r[0] bit will need to be changed to pull back the correct field from your sql query. hth Phil phil.harris@zope.co.uk ----- Original Message ----- From: "Tony McDonald" <tony.mcdonald@ncl.ac.uk> To: "Zope mailing list" <zope@zope.org> Sent: Wednesday, May 30, 2001 7:09 AM Subject: [Zope] Authenticated Users and lots of folders
Hi all, I need the Zen of the list here, before I go off and implement something weird wild and wacky.
I have a lot of authenticated users (1200 staff, 14000 students). The staff are associated with a department. There are 85 departments, each with a code (eg 1550 = Medical Faculty) I want all authenticated staff to be able to add entries to a database. I want some staff to be able to act as 'Editors', that is, allow the database entries to be displayed.
Thing is I *don't* want staff from dept 'a' to be able to act as editors for dept 'b'.
We currently use UserDB to do our cookie based authentication.
My first thought was to create 85 folders, with ids '1550', '1099' etc and install a UserDB into each one of them. Each one of the folders has a property 'dept', that is the value of the dept code (eg 1550). I then do a ZSQL query something like
Select username, password, roles, domains from password, dept_code from departments where username = <dtml-sqlvar username type=string> and dept_code = <dtml-sqlvar dept type=string>
Does this sound sensible to people? Does anyone have a better idea! :)
(please don't say I need to use CMF - I'm tracking that list, but I can't figure out how to extract the various parts of CMF (reviewers etc) to use in my situation). TIA Tone -- Dr Tony McDonald, Assistant Director, FMCC, http://www.fmcc.org.uk/ The Medical School, Newcastle University Tel: +44 191 243 6140 A Zope list for UK HE/FE http://www.fmcc.org.uk/mailman/listinfo/zope
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (4)
-
Cornelis J. de Brabander -
David Hassalevris -
Phil Harris -
Tony McDonald