[Zope-DB] Zope - SQL authorisation model

Chris Withers chris at simplistix.co.uk
Wed Jun 1 15:37:06 EDT 2005

Terry Kerr wrote:
> authorisation.  Authentication is relatively easy and can be implemented 
> using an out of the box product such as exUserFolder, or something I 
> hack up myself.

Please use SUF, much simpler for this kind of thing ;-)

> Another approach maybe to implement the authorization at the database 
> level by using GRANT, REVOKE, rules on tables, functions, views, etc.  
> If the Zope database connector could connect as the authenticated user, 
> then the rules would apply.  

I'd subclass the DA you end up using to get this behaviour...



Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk

More information about the Zope-DB mailing list