[Zope-PAS] Re: PluggableAuthService and PrincipalDeleted

Tres Seaver tseaver at palladion.com
Tue May 6 11:42:21 EDT 2008

Hash: SHA1

Miles wrote:

> It would be great if PAS supported deleting users, with the same 
> event-based system for notifying other plugins to tidy up.

I've never been happy with the idea of PAS "supporting" any changes to
the plugins:  even the IUserAdderPlugin and IUpdatePlugin are out of
place, in my opinion, because they try to generalize without knowing
enough:  they exist to support a not-really-a-contract of the "stock"
Zope user folder ('_doAddUser').

CRUD on the user objects is really a separate application (*not* a
framework), which is not even possible in many applications where PAS is

> IMHO, adding a new interface for deletion rather than renaming the 
> existing one is better - there's no guarantee existing plugins implement 
> the new interface, so it could break things.
> On the point of mutable users and groups, I've looked into that in the 
> past for some applications here, in order to make PAS-based user 
> implement the CMF IMember interface.  Happy to share code or collaborate 
> if it's of interest.
> IIRC, I got a bit confused when it came to password resets, as to 
> whether a password was considered a user property or as something else - 
> passwords are passed to the UserManager at creation so should they go to 
> the PropertyUpdater too?

Passwords are *not* properties:  plugis implementing IUpdatePlugin
should not know about them, unless they are also actively registered for

- --
Tres Seaver          +1 540-429-0999          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Zope-PAS mailing list