It seems the big difference between zope2 and bfg acls is the lack of roles.
bfg acls map permissions directly to principals, and doesn't appear
to have the concept of a
The local roles in zope is a extension of system wide roles where
additional roles are defined for a principal based on the context.
Owner in plone is a role assigned to a principal, and permissions are
bound to roles.
A user can get a specific role in a particular context, effectively
decoupling the declaration of permissions from
On Tue, Feb 16, 2010 at 7:52 AM, Tim Hoffman <zutes...@gmail.com> wrote:
> I could at the very least evaluate the Owner special principal
> into the real owner, when I provide the __acl__ registration via the
> property accessor
> Most of the project is defined in a uml model and the code is being
> generated. So
> declaring the permissions where possible in the model means I need to use
> abstractions representing things like Owner in the model
> On Tue, Feb 16, 2010 at 7:49 AM, Tim Hoffman <zutes...@gmail.com> wrote:
>> HI Tres
>> The last thing I would love to be able to do would be to declare the
>> at the class level
>> as in
>> (Allow, Owner, "edit")
>> And have a Owner a special principal like Everyone,
>> that allows me to declare the permission. But only evaluates "owner"
>> when the permission is checked
>> Do you think that could work, I haven't worked out how I could
>> implement that though.
>> On Tue, Feb 16, 2010 at 7:24 AM, Tres Seaver <tsea...@palladion.com> wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>> Tim Hoffman wrote:
>>>> I was hoping to declare the local role equivalent at the class level,
>>>> but following from what you said
>>>> I have a class declaration for "site_manager" and persist
>>>> a user/owner declaration on the object at creation time ?
>>>> Then when I retrieve the entity from the app engine datastore
>>>> have a __acl__ property accessor which
>>>> then merges the class declaration with the persisted addition
>>>> definition of ower.
>>>> Does that sound like an appropriate approach?
>>> That sounds like it would work, yes.
>>> - --
>>> Tres Seaver +1 540-429-0999 tsea...@palladion.com
>>> Palladion Software "Excellence by Design" http://palladion.com
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.9 (GNU/Linux)
>>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>> -----END PGP SIGNATURE-----
Repoze-dev mailing list