[Zope-dev] Username/userid separation

Leonardo Rochael Almeida leo at enfoldsystems.com
Thu Aug 4 15:20:43 EDT 2005

Em Qui, 2005-08-04 às 08:39 +0100, Jens Vagelpohl escreveu:
> On 4 Aug 2005, at 01:01, Leonardo Rochael Almeida wrote:
> > Hi,
> >
> > I've started the lra-userid_username_separation-branch (from
> > Zope-2_8-branch to start from a stable point) in order to implement
> > proper userid/username separation in Zope.
> Chris McDonough did most of that for Zope 2.7 already a long long  
> time ago. There might be cleanups needed here and there, but for all  
> practical purposes the separation exists and works. The standard user  
> folder implementation doesn't support it AFAIK. Where specifically do  
> you see it not work?

AFAICS, in AccessControl/dtml/owner.dtml, the owner string that is
rendered to the browser comes from Owned.owner_info() in
AccessControl/Owned.py, which comes, untranslated, from
Owned.getOwnerTuple(), which retrieves that value that is set from
Owned.changeOwnership(), which calls ownerInfo() which gets the path to
the user folder and user.getId(), as it should since we are assuming
that .getId() is the immutable and potentially not-displayable
identifier for the user that comes from the user source.

What I'm proposing is to change owner.dtml (with the eventual help of
owner_info()) to get the username equivalent to that userid and display
that instead.

Also, in AccessControl/listLocalRoles.dtml and editLocalRoles.dtml, the
usernames that are rendered from users that already have local roles are
the keys from the RoleManager.__ac_local_roles__ attribute from

These keys eventually come from RoleManager.get_valid_userids(), which
calls acl_users.user_names() for all acl_users in it's acquisition path.

In the default Zope user folder implementation, .user_names() call
getUserNames() which is supposed to list usernames, not userids, which
means we've been storing usernames in __ac_local_roles__ all this time.
This could break if the username for a certain acl_users implementation
changes, specially since User.getRolesInContext() looks up
__ac_local_roles__ with self.getId() and not self.getUserName() in

(Actually, isn't it odd that the local roles management is not using the
same approach of owner tuples like Owned.py does?)

I propose that we look up the userid for the username in
RoleManager.manage_{add,set,del}LocalRoles() and change the signature of
these methods to mention username instead of userid.

This might leave us with a slight window for mismatches if the username
for a userid changes between selecting the user in the listLocalRoles
screen and actually setting it after the editLocalRoles screen, but at
least we avoid having to make sure binary userids are correctly quoted
thru all the HTML and URL roundtrips.

What do you guys think?

> I've been using it for the LDAPUserFolder for ages where you can  
> specify different attributes for the ID and the login, and change the  
> login value at will. And, like Tino mentioned, PAS uses it as well.

Yes, Enfold is aware of PAS, we've been doing the Plone integration for
it and we intend to use it for this particular project for which I need
the changes I mentioned above.

Cheers, Leo

Leonardo Rochael Almeida <leo at enfoldsystems.com>
Enfold Systems - http://www.enfoldsystems.com/

More information about the Zope-Dev mailing list