[Zope-CMF] Re: [CMF-checkins] CVS: CMF/CMFCore - CatalogTool.py:1.30.4.7

Shane Hathaway shane@zope.com
Fri, 25 Apr 2003 11:02:16 -0400 

Sidnei da Silva wrote:
> On Fri, Apr 25, 2003 at 09:33:38AM -0400, Shane Hathaway wrote:
> | Chris Withers wrote:
> | >Hi Sidnei,
> | >
> | >I'm probably missing something, but where are the tests to accompany 
> | >these checkins?
> | 
> | Not only that, but I don't feel good about that change.  It mixes the 
> | concept of "executable owner" and the "owner role".  The former 
> | shouldn't really be called ownership.  At ZC we've been planning to 
> | rename the concept.  It's more like a "code signature" or something.
> 
> Looks like I need to explain the motivation, and then we may agree on
> a partial solution. Heres the issue:
> 
> 1. The user creates an object
> 2. He has the 'Member' role
> 3. The initial workflow state changes the permission on the object so
> only 'Owner' and 'Manager' roles can see the object.
> 4. The user that created the object *is* set as the owner

Do you mean the user is given the Owner role?

> 5. allowedRolesAndUsers gets the lists of roles that have the View
> permission
> 6. Manager and Owner have the view permission
> 7. Then for each local role, if the role is on the set of roles that
> have the view permission, add the user to result (note that the user
> that created the object *is* owner, but doesnt have a local role of
> Owner, so he doesnt get into this list)

Why doesn't the user have the Owner role at this point?  That's the way 
it's supposed to work.

> 8. The owner role is deleted from the result.
> 
> So, at this point allowedRolesAndUsers would contain ['Manager'], and
> the user that created the object cant find it on a search.
> 
> What solution you propose? Using Creator() instead of getOwner()?
> (Note that Creator() is currently returning the result of getOwner(),
> which I pointed out months ago, but no one agreed on a solution for
> that).

That's even more broken.  I had forgotten about that.  Creator() then 
implements a high-level, supposedly modifiable property using a 
low-level, deep-in-the-guts-of-executable-security method.  In fact, 
only executable objects like Python scripts are really supposed to have 
a getOwner() method.

Ugh, naming is both important and hard.  I can see why people have 
gotten confused about getOwner().

Shane