[Zope3-dev] Re: ObjectHub should change data structure

[Phillip J. Eby]

At 02:12 PM 6/27/03 -0400, Jim Fulton wrote:

>IMO a better way to approach this is to have a non-location based
>(or an other-than-location-based) security policy.  Zope 3 will have a
>more flexible security system that lets you organize security statements
>in a way that fits your application, whether that be location, something else
>or some combination.

If you'd like an interesting challenge for the Zope 3 security 
architecture, have a look at:

http://cvs.eby-sarna.com/PEAK/src/peak/security/tests/permission.py?rev=HEAD&content-type=text/vnd.viewcvs-markup

It demonstrates a typical (for my apps, at least) rule-based security 
model, where permissions are based on application data, and the user is 
part of the application's data model.  You might find the definition 
mechanism interesting as well.  Some key features that are demonstrated:

* As with Zope X3, permissions are just symbols, but they are converted to 
rules by adapting to a permission-checking interface in context.

* Permissions have an 'of' method that can be used to produce a qualified 
"concrete" permission such as 'Member.of(Folder)' (vs. 
'Member.of(Document)').  Adaptation is organized in such a way that the 
most-specific applicable permission-checking rule is applied.

* Rules are given an 'attempt' parameter, an object that contains 
information about the context, user, subject, name to be accessed 
etc.  Using the 'allows()' method of the 'attempt', they can check other 
permissions, or the same permission on another object, etc.  Thus, a rule 
can 'and' or 'or' other permissions, implement custom or multiple 
role-acquisition paths, etc.