[Zope-PTK] Zope User Management API

Chris Withers chrisw@nipltd.com
Tue, 03 Oct 2000 13:48:55 +0100 

Bill Anderson wrote:
> 
> IMO, things dealing with authentication should _not_ be defined by the PTK. That is the realm of user management, which
> the PTK is not (AIUI) aimed at doing. It has the current default setup now mainly out of (AIUI) a need to have
> _something_ to do it.

That sounds accurate...

> Basically, there are only a few variations on your basic portal. Authentication policies a few more. Add them together
> and .. dman that's  alot of permutations. By leaving authentication policies to the user management tool, you keep the
> basic PTK simple, as it should be.

Yup :-)

> What should be done, is that the PTK calls a predefined User Management API. The default implementation of PTK Demo
> (remember, it is just that, a demo) should come with some sort of "Zope User Management API" that abides by the ZUMAPI.

Yeah, I think User Management should eb a core Zoep thing, includign the
full interface that will be needed by PTK-like applications...
What would the Membership product have that goes beyond this interface?

> That's part of why I never liked the name of PTK; it didn't match the common uses of it as implemented. Let's face
> reality, PTKDemo is not a "Portal Site" as implemented, but rather a "Community Site".

Also true... I thought a new naem was to land in August, but apparently
not :-(

> logout_User
> Used to log the user out. Likely returns a redirect url.

What about Basic Authentication?

> get_User
> Used when you need the user object (useful or not?), and returns the object itsself. (What about SQL-Authed Users?)

SQL should return a wrapper object (ZPatterns DataSkin perhaps?)
This probably will be useful, and it'd be great it this object could
handle having data tacked onto it (like maybe propertysheets, etc)
although this feels like a 'core Zope' thing, as I've already
mentioned...

> get_UserPage
> Used ot get the user's URL if any. In Community sites that implement a Member Folder (such as PTKDemo), it would return
> the URL to the User's Folder. In sites that don't it can return the URL to their 'Profile Page' or whatever stands in
> place (maybe a redirect or something). Returns a URL.

Don't like this...

> mail_UserPassword
> Here is the tricky one, but only for what it returns. The UMP would do the work, and should return a URL, or an actual
> page fo rth euser to see.

Don't like this...

In both cases 'cos they seem to make implementation assumptions. Don't
know how to do it better though :-S

cheers,

Chris