[Zope] Can Role include an other Role?
Ove Ruben R Olsen
ruben@noia.no
Thu, 17 Jan 2002 15:40:52 +0100
At 13:22 17.01.2002 +0100, Lennart Regebro wrote:
>From: <zopestoller@thomas-guettler.de>
> > I have three groups of users: A, B, C.
> >
> > C should have all permissions that A und B have. How can I do this?
>
>You create two roles, A and B. You give all users in group A role A, all
>users in group B role B.
>You give users in group C roles A and B.
In theory this is just fine - but in practice this may be a pain.
Usergroups would be a blast to have:
1. Lets say that we have GroupA and GroupB
2. We then have user 1-25 in GroupA and user 26-51 in GroupB
3. Next - folderish ObjectX is read-only by GroupA and read/write/create by
GroupB
So - suddenly Management decides that user 2, 5, 15, 21 and 25 should av
the right to alter existing information i ObjectX.
Currently we would change the security on ObjectX concerning the given
users. That may currently be done the hard way or a easier way.
If we had access to groups we could then create GroupC and put the given
users into that group.
Next - if user 30, 32, and 35 where to loose their write/create privileges
on ObjectX all one have to to is move the users into the right group (GroupC).
I belive that Zope should support both the currenct scheme and a new scheme
involving groups.
\Ruben