[Zope3-dev] Two-part permissions?
Chris Withers
chrisw@nipltd.com
Sat, 15 Dec 2001 10:41:07 +0000

"Barry A. Warsaw" wrote:
>
> Discoverability is IMO going to be an important part of any Zope3
> security framework. As an admin I'd like to be able to get answers to
> the following questions:
>
> - What knobs do I have to turn to allow Person A to perform Action Z?
>
> - If I enable Permission P to Person A so that they can perform Action
> Z, what other actions does this allow that person to perform?
>
> As an example, working with SF I find it quite difficult to answer
> these two questions so I often start twiddling knobs until the person
> can do what we want to let him do, and then we rely on the honor
> system so that they won't do whatever else that opens up. Not a very
> confidence inspiring security framework.

Well, as your example demonstrates, I think it's a bit more general than that.
My experience is that the level of caring is dependent on the level of trust in
the principal, and you either:

- Only trust someone to read information
- Trust someone to edit and add information
- Trust someone to configure the system and/or write code

Now, if you make those placeful, I think we've got all of Barry's bases covered.
What have I missed?

cheers,

Chris