[Zope] "segregated" users

[Tim Evans]

I apologize if this issue is something that has been discussed before,
but I searched the archives to no avail.

I'm evaluating zope for a project, and I have some questions regarding
the extensibility of the user security model.

The company I work for would like to provide documents to clients via
the web, and only allow one particular client (or group of users from
the same client) access to those documents.  I don't want any user to
be able to detect the presence of any other user.  I essentially want
several "sites", one for each client, with a group of administrative
users responsible for maintaining these sites and publishing content
to all of them.

What this would require is a group of administrators that can see all
sites, as well as restricted users with privileges to exactly one
site.

I'd also like to avoid having a role for each site, as that could get
ugly for almost 1000 clients.  It would also be great if we could
designate a user to administer only one site, so that they could only
publish data to one client.

I guess I want "zope-level" users and "application-level" users.  Is
this something that sane people do?

I don't really need a step-by-step, just a "yes, that is possible" or
a "no, you're an idiot" before I start digging in to try and do it.


Tim