[Zope-PTK] Membership Design
Dan L. Pierson
dan@sol.control.com
Thu, 3 Aug 2000 09:35:35 -0400 (EDT)
Bill Anderson writes:
> OK, after futzing around for a few weeks on the user management stuff,
> I have decided that a redesign may be in order.
Good!
> I put roles, domains, listed, and password onto a propertysheet (of
> the DataSkin variety). The password is stored encrypted. There is a
> 'downside' to this, in that you can't just send someone their
> password. On the other hand, that means the password isn't in
> cleartext.
Seems that a lot of sites (e.g. Amazon.com) handle this by storing a
user defined password hint in cleartext.
> The aspect of this that concerns me, is the roles being in a
> propertysheet. Just how accessible to the user are these? IIUC, they
> can only change the properties if they have permission. But this would
> theoretically mean they can change their own roles. This would be
> bad. I'm not conerned about them accessing them through the management
> interfaces, since those will have a seperate permission/role
> requirement. My concern is that they could write DTML that changes
> these properties, giving themselves the manager role, for instance.
Can you make it a separate property sheet with manager-only access?
This would mean that you need two sheets, but I'd really be
comfortable with all user authorization stuff not directly accessible
to the user.