[Zope-CMF] Re: [dev] delete members: related changes and updated proposal

Yuppie schubbe at web.de
Tue Sep 23 12:48:28 EDT 2003


Hi!


Florent Guillaume wrote:
> In article <3F5B6378.5000408 at web.de> you write:
> 
>>3.) deleteLocalRoles
>>
>>For implementing deleteMembers, two issues have to be resolved:
>>a) deleteLocalRoles is protected by roles, not by permissions. I propose 
>>to protected it by ManageUsers of the object.
>>b) deleteLocalRoles should have a 'recursive' argument.
> 
> 
> This permission business is for me the most important thing. A hardcoded
> permission in the method means we can't modify the policy easily. In
> CPS, I planned to monkey patch it to check a permission (ManageUsers
> seems fine), which means I can give local roles management permission to
> whatever role I want.

Meanwhile I changed my mind a bit:
<http://mail.zope.org/pipermail/zope-cmf/2003-September/019377.html>

Now the only place ManageUsers is used for Local Role management is 
getCandidateLocalRoles(). It controls if the user is allowed to assign 
any Role or just Roles he has himself.

This is the current code on yuppie-deleteMembers-branch:
<http://cvs.zope.org/CMF/CMFCore/MembershipTool.py?rev=1.38.2.4&content-type=text/vnd.viewcvs-markup>

Hope that covers your needs. I'll merge the branch as soon as the 
discussion regarding Exceptions is finished.
<http://mail.zope.org/pipermail/zope-cmf/2003-September/019423.html>


Cheers,
	Yuppie





More information about the Zope-CMF mailing list