[Zope] Zope security management

Dieter Maurer dieter@handshake.de
Wed, 28 Feb 2001 21:08:33 +0100 (CET)


Simon Michael writes:
 > I agree with John that this is a weakness in the current system. I
 > have often found myself wishing for something like tri-state
 > checkboxes (grant/deny/don't care).
 > 
 > Would it be correct to say this is not a limitation of the zope
 > security model, but a user interface issue ?
Yes, as you can already get what you want:

  When you uncheck the acquire checkbox, you can explicitly
  control (locally) which roles have the respective permission
  independant of any setting higher up in the hiararchy.

  Thus, your third state is not locally at each cell but
  sticks to a complete permission role.


Dieter