[Zope3-dev] Initial thoughts on the Zope3 security framework
Shane Hathaway
shane@zope.com
Fri, 14 Dec 2001 10:33:15 -0500
Guido van Rossum wrote:
> I think Phillip has made a very clear distinction between roles and
> groups: roles are local, groups are not. It also makes sense to map
> groups to local roles.
Here are my thoughts. "Groups" is a fuzzy term, but there is a definite
need for "workgroups"--places where sets of principals are given extra
privileges. Today people do this using local roles, but it can be
cumbersome. You'd really like to have a central principal source, such
as an LDAP connection, then grant roles in specific places according to
data provided in the LDAP record.
Zope security uses three mappings: principals to roles, roles to
permissions, and permissions to methods. I've been trying to prove to
myself for months that we really need four mappings, with principals
mapping to groups and groups mapping to roles, but have failed to do so
since it would add complexity and you can already achieve the desired
effect if you just have computed local roles.
So we need either computed local roles or groups.
Shane
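To make the argument concrete, here is an added example (not Zope code, and not from the thread) that models the three mappings Shane lists and shows a "computed local role" deriving a per-place grant from a central principal record, so a workgroup effect needs no fourth principal-to-group mapping. The principal records, roles, permissions and method names are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

# Constructed stand-in for a central principal source such as LDAP:
# each record carries attributes the computed rules can inspect.
PRINCIPALS = {
    "alice": {"department": "engineering"},
    "bob": {"department": "sales"},
}

# Mapping 2: roles -> permissions (constructed role and permission names).
ROLE_PERMISSIONS = {
    "Editor": {"Modify content", "View"},
    "Viewer": {"View"},
}

# Mapping 3: permissions -> methods (constructed method names).
PERMISSION_METHODS = {
    "View": {"index_html"},
    "Modify content": {"edit", "index_html"},
}

# A rule computes extra local roles for a principal from its directory record.
RoleRule = Callable[[str, dict], set]


@dataclass
class Place:
    """A location in the object hierarchy that carries local role grants."""
    name: str
    # Mapping 1: principal -> explicitly granted local roles.
    local_roles: dict = field(default_factory=dict)
    # Computed local roles: evaluated against the central principal record.
    computed_rules: list = field(default_factory=list)


def roles_in(place: Place, principal_id: str) -> set:
    """Explicit local roles plus whatever the computed rules grant here."""
    roles = set(place.local_roles.get(principal_id, set()))
    record = PRINCIPALS.get(principal_id, {})
    for rule in place.computed_rules:
        roles |= rule(principal_id, record)
    return roles


def allowed_methods(place: Place, principal_id: str) -> set:
    """Follow principal -> roles -> permissions -> methods for one place."""
    perms = set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in roles_in(place, principal_id)))
    return set().union(*(PERMISSION_METHODS.get(p, set()) for p in perms))


def engineering_workgroup(principal_id: str, record: dict) -> set:
    """Computed local role: engineers are Editors in this place only."""
    return {"Editor"} if record.get("department") == "engineering" else set()


# Bob is explicitly a Viewer here; Alice gets Editor purely from her record.
ENG_DOCS = Place("eng_docs", local_roles={"bob": {"Viewer"}},
                 computed_rules=[engineering_workgroup])
```

Because the rule is attached to the place, the same directory attribute can grant different roles in different places, which is the "local" property the thread attributes to roles.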