Thankd for this Mike, It is exactly what I want. I do think it unusual that zope does not have such a basic and common function built in to the system. One possible solution would be to modify the useredit form in acl_users to ask users for thier existing password when setting a new one. That way you could let them have access to the acl_users folder and be confident that they will only change their own details. Not quite perfect but much better. Tom => -----Original Message----- => From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Mike => Renfro => Sent: Saturday, 30 June 2001 12:08 AM => To: tomc@evetcia.com => Cc: zope@zope.org => Subject: Re: [Zope] users managing their own user details => => => On Fri, Jun 29, 2001 at 10:15:31AM +1000, tomc@evetcia.com wrote: => => > I want to encourage them to change their password regularly. => But I don't => > want them to be able to edit other user's details or even => create acl_users => > folders, just edit their own details. => => http://www.zope.org/Members/tseaver/user_settable_passwords (Letting => Normal Users Set Their Own Passwords) => => -- => Mike Renfro / R&D Engineer, Center for Manufacturing Research, => 931 372-3601 / Tennessee Technological University -- renfro@tntech.edu => => _______________________________________________ => Zope maillist - Zope@zope.org => http://lists.zope.org/mailman/listinfo/zope => ** No cross posts or HTML encoding! ** => (Related lists - => http://lists.zope.org/mailman/listinfo/zope-announce => http://lists.zope.org/mailman/listinfo/zope-dev ) =>

Noted. The problem is not so simple to fix, but I do still think that it may be a problem worth solving. I don't recall any other user based system that does not allow users to change their own passwords. All operating systems of any value have this function. The problem with the present system is that someone ends up knowing everyone else's passwords and it does not encourage people to change their passwords regularly. I have noted the post from Mike Renfro pointing out http://www.zope.org/Members/tseaver/user_settable_passwords (Letting Normal Users Set Their Own Passwords) and I will implement this, but it seems to me such a function should be built into Zope. Tom => -----Original Message----- => From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Chris => Withers => Sent: Sunday, 1 July 2001 11:37 PM => To: tom@cameron.to => Cc: Mike Renfro; zope@zope.org => Subject: Re: [Zope] users managing their own user details => => => Tom Cameron wrote: => > => > One possible solution would be to modify the useredit form in => acl_users to => > ask users for thier existing password when setting a new one. => That way you => > could let them have access to the acl_users folder and be => confident that => > they will only change their own details. Not quite perfect but => much better. => => Not really, they'd also be able to change their own roles and => those of other => users :-( => => cheers, => => Chris => => => => _______________________________________________ => Zope maillist - Zope@zope.org => http://lists.zope.org/mailman/listinfo/zope => ** No cross posts or HTML encoding! ** => (Related lists - => http://lists.zope.org/mailman/listinfo/zope-announce => http://lists.zope.org/mailman/listinfo/zope-dev ) =>