[Zope-PTK] Membership Design

Dan L. Pierson dan@sol.control.com
Thu, 3 Aug 2000 09:35:35 -0400 (EDT)


Bill Anderson writes:
 > OK, after futzing around for a few weeks on the user management stuff,
 > I have decided that a redesign may be in order.

Good!

 > I put roles, domains, listed, and password onto a propertysheet (of
 > the DataSkin variety).  The password is stored encrypted. There is a
 > 'downside' to this, in that you can't just send someone their
 > password. On the other hand, that means the password isn't in
 > cleartext.

Seems that a lot of sites (e.g. Amazon.com) handle this by storing a
user defined password hint in cleartext.

 > The aspect of this that concerns me, is the roles being in a
 > propertysheet. Just how accessible to the user are these? IIUC, they
 > can only change the properties if they have permission. But this would
 > theoretically mean they can change their own roles. This would be
 > bad. I'm not conerned about them accessing them through the management
 > interfaces, since those will have a seperate permission/role
 > requirement. My concern is that they could write DTML that changes
 > these properties, giving themselves the manager role, for instance.

Can you make it a separate property sheet with manager-only access?
This would mean that you need two sheets, but I'd really be
comfortable with all user authorization stuff not directly accessible
to the user.