[Zope-dev] Membership and Local Roles

[Steve Alexander]

Michael Bernstein wrote:

> I posted this to the PTK list on Friday, but didn't get any responses
> over the weekend, so I'm reposting here.
> 
> I feel that a barrier to Loginmanager and Membership becoming more
> generally usable for site builders is it's current lack of support for
> local roles. Specifically, members do not show up in the local roles
> screen (manage_listLocalRoles) user list.
> 
> Through the magic of grep and find, I think I've identified the relevant
> sections of code in Zope that need to be duplicated in Membership (or
> maybe in LoginManager).

I think you've found out why local roles don't work. Congratulations on 
a successful code hunting mission :-)

I don't know for sure, but I think the API for returning a list of users 
has been omitted intentionally. A LoginManager instance might "contain" 
(or rather, provide authentication to) thousands of users. Listing all 
of these would arguably break the management interface.

Perhaps what LoginManager (or Membership) needs is a way of stating, for 
each user, whether they should appear in the local-roles list. This 
could be a checkbox for each user, or it could be a method that gets 
called to specify the users that appear, for example, using a regular 
expression, or perhaps based on some quality of the user object.

You should still be able to use local roles, even now, by using an 
external method to add local roles where you need them, and explicitly 
give the user id. You just can't select from the management interface.

--
Steve Alexander
Software Engineer
Cat-Box limited
http://www.cat-box.net