AW: [Zope] How to organize users in "groups"

[Roger]

I think nuxUserGroups is stable. We developed some projekts with this
userfolder an we never run into problems with this product. At the
moment we add Win 2000 Active Directory Authentication to nuxUserGroups.
We need this to implement a customer project. I think we publish this
extended nuxUserGroups later to zope.org.=20

To implement some manage function, forms, views, etc. in a own
administration site for your application whould be the best way to split
the ZMI in a own adminisration interface. If you are interested I can
give you a pre alpha product that we develope. I this product we split
some manage function in a own application and manage acl_users and
roles.

Mit freundlichen Gr=FCssen
Roger Ineichen
___________________________
Projekt01 GmbH
www.projekt01.ch
Langackerstrasse 8
6330 Cham
phone +41 (0)41 781 01 78
mobile +41 (0)79 340 52 32
fax +41 (0)41 781 00 78
email r.ineichen@projekt01.ch
___________________________
END OF MESSAGE


=20

> -----Urspr=FCngliche Nachricht-----
> Von: Phil Glaser [mailto:StillSmallVoice@DirectvInternet.com]=20
> Gesendet: Sonntag, 13. Oktober 2002 21:26
> An: r.ineichen@projekt01.ch; zope@zope.org
> Betreff: RE: [Zope] How to organize users in "groups"
>=20
>=20
> Hi Roger,
>=20
> nuxUserGroups looks cool, though I'm a little concerned about=20
> its level of maturity. Is it stable and reliable?
>=20
> I agree that reproducing the administrative interface is=20
> inefficient, and have made that fact clear to my client. The=20
> problem is that the system is intended for use by folks who=20
> are relatively unskilled technically. ZMI for these users=20
> would be too unusable. Basically I'm going to have to dig=20
> into some of the ZMI manage methods and lift some of the code=20
> into my own application's pages. It does not strike me as the=20
> most efficient use of resources but the customer is insisting on it.
>=20
> Thanks so much for your help!!!
>=20
> --Phil
>=20
>=20
> >-----Original Message-----
> >From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of=20
> >Roger
> >Sent: Saturday, October 12, 2002 12:58 PM
> >To: zope@zope.org; StillSmallVoice@DirectvInternet.com
> >Subject: RE: [Zope] How to organize users in "groups"
> >
> >
> >Hi Philip
> >I think you should use nuxUserGroups. This zope product form nuxeo=20
> >organise the users in groups andd you can assign roles to=20
> this groups.=20
> >And for the other logic I whould use DC workflow witch is a workflow=20
> >product for zope.
> >
> >Look at www.plone.org. Pherhaps plone has many of your ideeas=20
> >implemented. Spacial the member area for your end users. And=20
> in plone=20
> >you can many things offer to your client without to touch the ZMI.
> >
> >Let me know if you realy plan to develope a coustom ZMI interface. I=20
> >think it's to much work and the second argument is, it's=20
> realy possible=20
> >to develope a custom interface for ZMI who is "better" for the=20
> >customer? What's better? I know I don't like the ZMI if I make a=20
> >presentation by a customer.
> >
> >Mit freundlichen Gr=FCssen
> >Roger Ineichen
> >___________________________
> >Projekt01 GmbH
> >www.projekt01.ch
> >Langackerstrasse 8
> >6330 Cham
> >phone +41 (0)41 781 01 78
> >mobile +41 (0)79 340 52 32
> >fax +41 (0)41 781 00 78
> >email r.ineichen@projekt01.ch
> >___________________________
> >END OF MESSAGE
> >
> >Message: 10
> >From: "Phil Glaser" <StillSmallVoice@DirectvInternet.com>
> >To: <zope@zope.org>
> >Date: Fri, 11 Oct 2002 14:40:54 -0400
> >Subject: [Zope] How to organize users in "groups"
> >
> >Hi,
> >
> >I'm building a CMF site for a client who wants to organize=20
> users within=20
> >groups. The twofold purpose of this organization is: 1) to=20
> be able to=20
> >send mail to specific constituencies of users; and 2) to assign=20
> >permissions to
> >specific constituencies of users. My client wants the application to
> >have
> >it's own custom administrative interface (he does not want the site's
> >administrators to be exposed to ZMI) that will enable the=20
> administrators
> >to
> >set permissions for specific groups on specific folders. The=20
> permissions
> >that the administrator sees may be simplified versions of the more
> >complex
> >sets of permissions you see through ZMI. For example, for a=20
> folder the
> >administrator would only see the permissions "No Access,"=20
> "Read Only,"
> >"Submit File," and "Approve File." It is also important to=20
> know that the
> >site is structured as multi-community portal. In other words, members
> >are
> >defined at the level of the portal, and they will have permission to
> >belong
> >to specific communities within the portal. Each community=20
> will have the
> >same
> >functionality (content folders, discussions, news, etc.) but=20
> the content
> >will be different for each.
> >
> >It seems to me that the simplest way to do this is is to implement a=20
> >"group" as a role. In other words, what my client is calling=20
> a "group"=20
> >would be the
> >equivalent of a Zope "role." When the administrator adds a=20
> new group, he
> >would under the hood be adding a new role. When he adds a=20
> user to one or
> >more groups, he would be associating the user with the roles=20
> (users need
> >to
> >be able to belong to more than one group at a time). Listing=20
> the members
> >of
> >a group and sending mail to them would mean filtering the=20
> user objects
> >based
> >on their role (assuming this can be done). As for the simplified
> >permissions, there would need to be a dictionary in a script that
> >correlates
> >each of these simple permissions with one or more of the native Zope
> >permissions.
> >
> >I think the only major problem with my approach stems from the fact=20
> >that the groups/roles would be different for each comunity -- they=20
> >would not apply to
> >the entire portal. However, users would still be defined at=20
> the portal
> >level
> >because they will have access to multiple communities.=20
> Through ZMI, it
> >looks
> >like you can only assign a role to a user if the role has=20
> been defined
> >at
> >the same level as the user in the hierarchy or at a=20
> containing level in
> >the
> >hierarchy; in this case, I want to be able to assign a role that has
> >been
> >defined at a level below the level at which the user is defined.
> >
> >So my question is: is there a workaround for assigning a=20
> role to a user=20
> >when the role is defined further down in the hierarchy from=20
> where the=20
> >user is, or
> >is there some other way entirely that I should be solving=20
> this problem?
> >
> >Many thanks!
> >
> >Philip Glaser
> >Principal and Software Architect
> >Sustainable Software Solutions, LLC=20
> StillSmallVoice@DirectvInternet.com
> >www.sustainsoft.com
> >973-951-9522
> >
> >
> >_______________________________________________
> >Zope maillist  -  Zope@zope.org=20
> >http://lists.zope.org/mailman/listinfo/zope
> >**   No cross posts or HTML encoding!  **
> >(Related lists - =20
> http://lists.zope.org/mailman/listinfo/zope-> announce
> >=20
> http://lists.zope.org/mailman/listinfo/zope-dev )
> >
>=20
>=20