[Zope-DB] Zope - SQL authorisation model

[Chris Withers]

Terry Kerr wrote:
> authorisation.  Authentication is relatively easy and can be implemented 
> using an out of the box product such as exUserFolder, or something I 
> hack up myself.

Please use SUF, much simpler for this kind of thing ;-)

> Another approach maybe to implement the authorization at the database 
> level by using GRANT, REVOKE, rules on tables, functions, views, etc.  
> If the Zope database connector could connect as the authenticated user, 
> then the rules would apply.  

I'd subclass the DA you end up using to get this behaviour...

cheers,

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk