[OzZope] Re: [Zope] ownership fun and games.
Stuart Bishop
zen@shangri-la.dropbear.id.au
Tue, 13 May 2003 22:23:05 +1000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday, May 12, 2003, at 05:43 PM, Luca Olivetti wrote:
> Chris Withers wrote:
>> Anthony Baxter wrote:
>>> So we had a couple of people who'd been working on zope here leave,
>>> and
>>> their user objects got deleted.
>> That wasn't a good idea ;-) Much better to just set their passwords
>> to something random...
>
> It would be much better if the user folder allowed to disable the user
> (something random could be eventually guessed, besides you'd have an
> indication that the user is inactive/old/obsolete/whatever).
>
> BTW: there are other cases that make removing old users impractical
> besides permission problems (think about workflow history, cmf
> metadata, etc.)
And if they are relying on the user object to remain around for ever,
they are broken IMHO. Consider the user folder that is populated
from an external source such as a company's LDAP server.
- --
Stuart Bishop <zen@shangri-la.dropbear.id.au>
http://shangri-la.dropbear.id.au/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+wOOqh8iUz1x5geARAmP4AKDhNxWjyq5IGykNQZSSGl6kyFriPgCcCgpM
3W6pCRQ1gLDN7du0JXb6csU=
=DQyG
-----END PGP SIGNATURE-----