Currently ``repoze.who`` meets the demand for application-agnostic
user authentication (identification, sign-off) and population of

This is a proposal to extend the set of plugins that can be registered
through the ``repoze.who`` middleware.


Create, read, update and delete identities and metadata (strictly
application-agnostic, API only).


An interface to define, maintain and query named one-way relations
between identities (e.g. "friendship", "membership",
"inherit-privileges"). Identities are given by their username.

E.g. if ``subject`` and ``target`` are identities (usernames)::

  >>> relations_plugin.define(subject, target, name)
  >>> target in relations_plugin.get_relations(subject, name)

The motivation is to model relations like group membership in a
generic way without having to rely on identity metadata (which is
populated in full by the middleware).

If nothing else, relations are different from metadata in terms of
scalability: think social networking and celebrities.

User management application:

In a larger scope the motivation is to facilitate generic user
management, e.g. crud operations, import/export and relations.

The idea is to provide this as a WSGI application that is configured
with a ``repoze.who`` configuration file (e.g. who.ini).

Basically developers can then choose to extend their ``repoze.who``
configuration with a couple of plugins more and get user management
for free.

Of course, this is very much along the lines of frameworks like Zope
PAS but with a declarative file-system configuration.

Feedback appreciated.

Repoze-dev mailing list

Reply via email to