[Zope-dev] Username/userid separation

Leonardo Rochael Almeida leo at enfoldsystems.com
Thu Aug 4 15:54:27 EDT 2005


Em Qui, 2005-08-04 às 16:20 -0300, Leonardo Rochael Almeida escreveu:
> I propose that we look up the userid for the username in
> RoleManager.manage_{add,set,del}LocalRoles() and change the signature of
> these methods to mention username instead of userid.

And we also need to change RoleManager.get_local_roles() to lookup
usernames for the stored userids.

But this leaves us with another interesting problem: in what user folder
should we be looking up these ids? Theoretically, in all of them,
like .list_valid_usernames() does, but this might bring some different
interactions between local roles set for a username that exists in 2 or
more user folders in the current acquisition path.

The definitive fix for this would involve storing the (userid, acl_users
path) tuple in the local roles information after all, and changing
User.localRolesInContext() accordingly, but this brings a host of
backward compatibility issues which my suggestions above make some
effort to avoid, I believe.

Cheers,

-- 
Leonardo Rochael Almeida <leo at enfoldsystems.com>
Enfold Systems - http://www.enfoldsystems.com/


More information about the Zope-Dev mailing list