[Zope] LoginManager or exUserFolder

Andrew Kenneth Milton akm@theinternet.com.au
Tue, 25 Sep 2001 01:03:29 +1000


+-------[ Dario Lopez-K=E4sten ]----------------------
|
| > You just have to munge the roles into a list before returning out of =
the
| > authSource though.
|=20
| Hm... that'd be my next ask here at work. I am planning on building a n=
ew
| Generic SQL auth method that let's you specify what roles there are for=
 a
| user using a one to many relationship model (actually a many to many
| relationship model).

Yes the current pgAuth is a fairly naive implementation, but still serves=
=20
about 95% of population. The rest probably have the skills to build their=
=20
own, which is the point of it really d8)

It's also probably base/apex, there should be a roles table that maps a=20
role to a user, rather than storing a list of roles with each user. You
can't easily delete a role from the system (not that this would be a comm=
on
operation), and have the changes propogate cleanly.

The problem is keeping it simple enough out of the box, that relative=20
newcomers can use it. Trying to explain even more than simple schemas can=
=20
be somewhat difficult at times. People understand having one table with
everything in it almost immediately.

I have toyed with the idea of also having pluggable Roles sources, since
some (especially remote) AuthAdapters can't natively provide this, and so=
=20
there's a gross hack in things like etcAuthSource where roles are stored=20
as a private property of the user. Whilst this is great for showing off=20
the flexibility, it still leaves a bad taste in my mouth when I think
about it.

| Also I want to break out the PostgreSQL dependencies, especially in the
| prop_source where both the field names and the table name are hardcoded=
 in
| the python code.

Having a better schema probably wouldn't hurt here either d;)

--=20
Totally Holistic Enterprises Internet|                      | Andrew Milt=
on
The Internet (Aust) Pty Ltd          |                      |
ACN: 082 081 472 ABN: 83 082 081 472 |  M:+61 416 022 411   | Carpe Daemo=
n
PO Box 837 Indooroopilly QLD 4068    |akm@theinternet.com.au|=20