[Zope-dev] LDAPRoleTwiddler / BasicUserFolder

Dirk Datzert dirk.datzert@tks-rasselstein.thyssenkrupp.com
Thu, 17 Oct 2002 14:37:59 +0200


Hi Jens,

> why is that code no longer referring to the real userfolder anymore? =
it=20
> should not make calls to authorize/identify/authorize on "self" but on =

> the LDAPUserFolder it is using as the user source.
>=20

self.identify() should be the same as if getLUF().identify() since =
LDAPUserFolder and LDAPRoleTwiddler both inherited this from =
BasicUserFolder.

self.authenticate() does a self.getUser() which refers to =
getLUF().getUser() and does twiddling in one step and return the right =
user-object which the API would expect.

I think that self.authorize(user,...) is better than =
self.getLUF().authorize(user,...)
because the authorize does the following in 1st line:

def authorize(self, user,... ): (inherited from BasicUserFolder)
  user =3D getattr(user, 'aq_base', user).__of__(self)

this would be different for self.authorize, where self would be the LRT =
and
self.getLUF().authorize() where self would be the LUF.

The user is seen in 2 different contexts by .__of__(self) .

Maybe I'm think too complicated, Your opinion ?

Regards,
Dirk