Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Dmitry Vasiliev

Philipp von Weitershausen wrote:


Martijn suggests to just use user. I can live with that. The reason
why I didn't propose that is because I thought people still valued the
abstraction of a principal as opposed to the physical person. I don't
need it and all those Unix users out there don't seem to need it either...


+1 on user. Actually for Russian translation I've used user anyway since I 
didn't find another good translation for principal.


--
Dmitry Vasiliev (dima at hlabs.spb.ru)
http://hlabs.spb.ru
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] A Call for Slaves

2005-09-13 Thread Chris Withers

Tim Peters wrote:

BTW, Microsoft no longer sells VC6.


Indeed, this was my understanding...

Nevertheless, does anyone know how to legally get hold of these?
(Hmmm... I work in amoungst a horde of MS developers here, maybe one of 
them will know...)



Also, how can I build both 2.3 and 2.4 stuff on one machine?


I do this routinely on my boxes, but I don't know anything about the
build-bot environment (which would have to be strange indeed to
prevent building 2.3 and 2.4 versions on the same box).


Well, how would I do it manually?

cheers,

Chris

--
Simplistix - Content Management, Zope  Python Consulting
   - http://www.simplistix.co.uk

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] buildbot warnings in Zope3 trunk 2.4 remy

2005-09-13 Thread Chris Withers

Benji York wrote:


It's more that I'm reluctant to figure out how they've changed the 
system since the last public release, make the modifications, test them, 
produce patches, and then persuade them to accept them.  All that takes 
time that is presently better spent on other things.


Ah okay, that makes sense...


Don't let me dissuade you from contributing though. :)


Heh, have no fear, my own lack of time will likely do that!

cheers,

Chris

--
Simplistix - Content Management, Zope  Python Consulting
   - http://www.simplistix.co.uk

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: [Zope3-Users] ODBC database adapter for Zope3?

2005-09-13 Thread Chris Withers

Stephan Richter wrote:

Oh :-( That sucks. Is there a DBAPI sig for python that we should be
talking to about getting that fixed?


There is a sig and we could try. But I have *very* little hope that such a 
proposal would come to fruition. Most applications don't really care about 
supporting many DB backends. 


Waaagh :'(


2. Advanced DA implementations support much more datatype conversion than
the default database connection package.


Yes, but it's inconsistency between DAs on this front that causes
problems...


Well, the Python DB-API is even worse and does not even try to specify type 
returns. I agree, maybe we should create a recommendation for Zope 3 DB 
adapters.


*nods*


For example, a good DB adapter should always ensure
that all datetimes have pytz timezones associated with them.


Exactly, which is why that kind of stuff should be in a central place.
What happens if a DA DOESN'T do this when someone is expecting it to?
(the other common problematic type is that of an SQL NULL)



Well, I would love to see a draft on a Zope 3 DA standardization.


And I'd love to write one, but I still need to get to grips with the 
basics of Zope 3 first ;-)


Gimme a poke in a month or two!

cheers,

Chris

--
Simplistix - Content Management, Zope  Python Consulting
   - http://www.simplistix.co.uk

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Philipp von Weitershausen
Roger Ineichen wrote:
 Hi principals

*shrug* I'm a user :).

Since principal doesn't seem to be a common term in IT speak either,
translators repeatedly have their problems with it. In German, for
example, we came up with Nutzungsberechtigter which is just an
arbitrary choice and doesn't even fit all aspects of principal. It's
still a good choice for now because if we had chosen to literally
translate it as Prinzipal, noone would even be close to 
understanding
what we meant. Sebastien Douche seemed to have the same problem
regarding the French translation, as he told us on IRC today. 
There just
aren't good native words that translate principal well enough, let
alone a good literal translation.
 
 
 I don't agree
 
 Principal is a common term in IT security. Since we use a principal
 based security system, (perhaps there are other ones) we have to use 
 the right name for this principal. 

The reason you give (we use the principal concept, so we have to call
it 'principal') is the most obvious one and at the same time the most
unsatisfying because it doesn't justify the word itself. Maybe there are
other terms for the concept?

 Perhaps it is helpful to describe what a principal really are.
 
 
 A principal object represents the security context of the user on whose 
 behalf the code is running, including the user's identity, groups and 
 roles to which they belong.
 

That's a good definition, thank you. Which source are you quoting from?

So, I would like to give principal a better name. How about
participant? After all, a principal _participates_ in an interaction
through a participation (e.g. an HTTP request). Participant 
should also
be pretty easy to translate: it's a common word, especially outside IT
vocubulary, which means chances are good to find appropriate native
translations for it.
 
 
 No, no, a participant is not a principal. See the wfmc workflow 
 implementation. Participants are used for participate on a process
 task. Participants don't even know how to login. Participants are more 
 like a role in some use cases.

I did not realize that WFMC also has the understanding of a
participant. That's obviously a strong point against that word. As
I've said before, I'm not locked into participant; all I wanted is my
criticism to be constructive...

 I think there is no way to rename principal to participant since they are
 totaly different components.

I never wanted to mix up security and WFMC concepts. I wasn't even aware
of the latter. You're comparing apples and oranges here.

(Note that the point of finding translations for technical 
terms is not
only for the sake of a translated Zope 3 UI. It's more about 
how people
understand technical terms. I think most Zope 3 developers 
aren't native
English speakers and they do not necessarily think in 
English. So, good
words that have good native translations help the 
understanding process
on their end. That is not only important for _learning_ a concept, but
also for _explaining_ it. As a book author, I know what I'm talking
about... :))
 
 I think you are right here. It's not easy to explain a security concept.
 Perhaps we have to collect some good documentation from other principal 
 based security concept and see how they describe this part.

I agree. I very much like the definition you quoted above. Apart from
that, I wish we could find a good pattern for translating principal.
Quoting the English term should be our last option. I wonder, for
example, which term French speakers use when they *talk* to each other
about principals... French is known to be very conservative when it
comes to introducing English words to itself.

Philipp
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



[Zope3-dev] Re: most specific interface?

2005-09-13 Thread Philipp von Weitershausen
Jean-Marc Orliaguet wrote:
 is the order of the list of interfaces implemented by an object subject
 to internal changes?
 
 I have identified the need for such a pattern:
 
 iface = object.interface()
 
 with:
 
 class someObject(object):
 implements(IMainInterface, ISecondaryInterface, ...)
 def interface():
 Return the most specific interface implemented by the element.
 return list(providedBy(self))[0]
 
 to be able in that case to get access to the first interface implemented
 by an object, as a sort of main object type.

We usually do this differently. If some interfaces are special types
(e.g. IFile is a content type) then we have this interface provide
ISpecialType (e.g. IFile provides IContentType). ISpecialType is an
interface extending IInterface.

Then, no matter where in the list of provided interfaces the type is, it
can be fetch with queryType. Let's take the IFile example from above and
set it up as a content type:

   from zope.app.content.interfaces import IContentType
   from zope.app.file.interfaces import IFile
   from zope.interface import directlyProvides
   directlyProvides(IFile, IContentType)

Now let's make a File object. We see that its first interface isn't
IFile but IFileContent:

   from zope.app.file.file import File
   f = File()
   list(providedBy(f))
  [InterfaceClass zope.app.publication.interfaces.IFileContent,
   InterfaceClass zope.app.file.interfaces.IFile,
   InterfaceClass persistent.interfaces.IPersistent]

Yet, when we query the content type, we get IFile as expected.

   from zope.app.interface import queryType
   queryType(f, IContentType)
  InterfaceClass zope.app.file.interfaces.IFile

 the zope/app/component/registration.txt documentation mentions:
 
 
 We can now write another `IComponentRegistration` implementation that knows
 about the interface; in fact, it will pick the most specific one of the
 component:
 
from zope.interface import providedBy
class SomethingRegistration(Registration):
   ...
   ... def interface(self):
   ... return list(providedBy(self._component))[0]
   ... interface = property(interface)
 
 
 
 but I haven't seen it used anywhere else. Is it safe to use this?

I think it's not quite safe to rely on it the way you seem to want (as a
main object type). It is correct that the first interface *is* the
most specific one, e.g. when it comes to adaption:

   from zope.component import *
   from zope.interface import *

   class IA(Interface): pass
  ...
   class IB(Interface): pass
  ...
   class IC(Interface): pass
  ...

   class Adapter(object):
  ... adapts(IA)
  ... implements(IC)
  ... def __init__(self, context): pass
  ...
   class Bedapter(object):
  ... adapts(IB)
  ... implements(IC)
  ... def __init__(self, context): pass
  ...

   provideAdapter(Adapter)
   provideAdapter(Bedapter)

   class Klass(object):
  ... implements(IA, IB)
  ...
   IC(Klass())
  __main__.Adapter object at 0x1424e30

   class Klass(object):
  ... implements(IB, IA)
  ...
   IC(Klass())
  __main__.Bedapter object at 0x1424e10

Philipp
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: Speed win in Python's urllib.quote

2005-09-13 Thread Julien Anguenot
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Lennart Regebro wrote:
 On 9/12/05, Olivier Grisel [EMAIL PROTECTED] wrote:
 
Lennart Regebro wrote:
This is unfortunately not a public area. But you can grab funkload from
the public svn:
 
 
 *slaps forehead* You are right, I only saw that public in the beginning. :)
 Thanks.
 
 
http://svn.nuxeo.org/trac/pub/file/funkload/trunk/README.txt
 
 

Actually, this is public :

http://public.dev.nuxeo.com/~ben/funkload/

:)

J.

- --
Julien Anguenot | Nuxeo RD (Paris, France)
CPS Platform : http://www.cps-project.org
Zope3 / ECM   : http://www.z3lab.org
mail: anguenot at nuxeo.com; tel: +33 (0) 6 72 57 57 66
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFDJqDOGhoG8MxZ/pIRAlXhAJ9G64tbJLIO7sb8RcpwzOW0+psBwwCcDD30
FN+u0Rk5amzkvuuSsoyr6yU=
=rl5l
-END PGP SIGNATURE-
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Sebastien Douche
On 9/13/05, Philipp von Weitershausen [EMAIL PROTECTED] wrote:
  Perhaps it is helpful to describe what a principal really are.
 
  
  A principal object represents the security context of the user on whose
  behalf the code is running, including the user's identity, groups and
  roles to which they belong.
  
 
 That's a good definition, thank you. Which source are you quoting from?

Yes, this definition is very useful.

  I think you are right here. It's not easy to explain a security concept.
  Perhaps we have to collect some good documentation from other principal
  based security concept and see how they describe this part.
 
 I agree. I very much like the definition you quoted above. Apart from
 that, I wish we could find a good pattern for translating principal.
 Quoting the English term should be our last option. I wonder, for
 example, which term French speakers use when they *talk* to each other
 about principals... French is known to be very conservative when it
 comes to introducing English words to itself

Principal is used in law, finance, education, art, social economics...
All french translations aren't good for zope3. Using 'Principal' is
another option but it is also a french word ('main', 'the main thing')
: source of confusion. Currently, I don't know what to do. Another
difficult word is credentials.

-- 
Sébastien Douche [EMAIL PROTECTED]
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] A Call for Slaves

2005-09-13 Thread Benji York

Chris Withers wrote:

Tim Peters wrote:

Or you can fetch the compiled .pyds from my member page, as the
current Windows build-bot slaves do (see the wget PYDs log and
unzip PYDs log steps from the Windows 2000 fred-win column at
http://buildbot.zope.org/).


Sorry, just re-read this, now I'm lost again.
I just assumed the buildbot would build these, since it's well, a build 
bot? 


The current config for Windows fetches the pre-compiled PYDs.  That way 
you aren't required to have the compilers installed.  I was just asking 
to test the waters about people having/installing the compilers in the 
future.



What exactly IS the buildbot doing then?


It's running the tests, that's what we're interested in.
--
Benji York
Senior Software Engineer
Zope Corporation
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: most specific interface?

2005-09-13 Thread Jean-Marc Orliaguet
Janko Hauser wrote:


 Am 13.09.2005 um 12:43 schrieb Jean-Marc Orliaguet:

 But where do you put the 'directlyProvides' statement? in the class :


 Can't this be put in the interface definition module for 
 IContentType? You mark other interfaces with the interface IContentType.

 __Janko


I don't know.. but the content type is just one type of categorization.
I already have 3 or 4 categories that apply to a same object apart from
zope's IContentType.

/JM
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: most specific interface?

2005-09-13 Thread Jim Fulton

Jean-Marc Orliaguet wrote:
...

the idea is that you define as many categories as you need: IMetaType,
ISomeCategory, IWidgetType ... and you create relations between
interfaces with:

directlyProvides(IFile, IContentType)


Exactly.


as if you had a relation tool,


There are all sorts of ways of expressing relationships in Python
without central databases.

 then every object that implements IFile

(no matter in what position) will have the IFile content type?


Right.  Note that a content type is a specific kind of type.

If an object provides interface I, then the object is said to
be of type I.  If I is a content type, then the object is said
to have that content type.

As a matter of policy, we expect an object to have a single content
type and have a helper function for getting the content type by
finding an object's most specifiuc type that is a content type.


But where do you put the 'directlyProvides' statement?


There are two options.  You put it in some python module, such
as the module that defines IFile:

  class IFile(...):
 ...

  directlyProvides(IFile, IContentType)

or, since this is often a configuration choice, you put in in
zcml:


  interface
  interface=.interfaces.IFile
  type=zope.app.content.interfaces.IContentType
  /

Jim

--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] A Call for Slaves

2005-09-13 Thread Tim Peters
[Tim Peters]
 BTW, Microsoft no longer sells VC6.
 
[Chris Withers]
 Indeed, this was my understanding...

 Nevertheless, does anyone know how to legally get hold of these?
 (Hmmm... I work in amoungst a horde of MS developers here, maybe one of
 them will know...)

Go to

http://www.google.com

and enter

visual studio 6

in the search box.  Pay attention to the text ads you get back after
you hit ENTER.

 Also, how can I build both 2.3 and 2.4 stuff on one machine?

 I do this routinely on my boxes, but I don't know anything about the
 build-bot environment (which would have to be strange indeed to
 prevent building 2.3 and 2.4 versions on the same box).

 Well, how would I do it manually?

How would you do what manually?  Install all the versions of Python
you care about on Windows, and build Zope using the version of Python
you want to test with.  For example,

\Python23\python setup.py build_ext -i install_data --install-dir .
\Python23\python test.py -v

from the root of a Zope3 checkout, to test Zope3 with Python 2.3.5,
assuming you installed the latest release in the Python 2.3 line and
accepted the default installation directory.  Use the path to a
different Python if you want to use a different Python.
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Steve Alexander

Philipp von Weitershausen wrote:

 Martijn suggests to just use user. I can live with that. The reason
 why I didn't propose that is because I thought people still valued the
 abstraction of a principal as opposed to the physical person. I don't
 need it and all those Unix users out there don't seem to need it either...


Dmitry Vasiliev wrote:

 +1 on user. Actually for Russian translation I've used user anyway since 
 I 
 didn't find another good translation for principal.

I'm -1 on user.

In Launchpad, the concepts of User and Principal are quite different.

For example, a principal that represents a particular user accessing the
web application is different from the principal that represents that
same user accessing Launchpad via gpg signed email.

In Launchpad, request.principal is not used by the application
programmers.  It is used only by the authentication, authorization and
publication machinery.  The machinery looks up a Person (an application
domain object) for the current principal (the participant, if you will)
and makes this available to application code.  So, application code
deals with an application-level object, not some security system construct.

Maybe in some simple systems it is good to conflate the concepts of
user and principal.  Making the principal available from the request
in zope3 encourages this.  But, I think that it is not good application
design, and it does not make for clear abstractions.

-- 
Steve Alexander

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



RE: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Roger Ineichen
Hi Philipp

Regards
Roger Ineichen

Projekt01 GmbH
www.projekt01.ch
_
END OF MESSAGE  

 -Original Message-
 From: Philipp von Weitershausen [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, September 13, 2005 9:31 AM
 To: [EMAIL PROTECTED]
 Cc: zope3-dev@zope.org; 'Stephan Richter'
 Subject: Re: [Zope3-dev] RFC: Rename principal to participant
 
[...]
 
  Perhaps it is helpful to describe what a principal really are.
  
  
  A principal object represents the security context of the 
 user on whose 
  behalf the code is running, including the user's identity, 
 groups and 
  roles to which they belong.
  
 
 That's a good definition, thank you. Which source are you 
 quoting from?

Perhaps yo have to use a internet explorer for reading this ;-)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/
frlrfsystemsecurityprincipaliprincipalclasstopic.asp


Regards
Roger Ineichen

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: RFC: Rename principal to participant

2005-09-13 Thread Tom von Schwerdtner
On 9/12/05, Tonico Strasser [EMAIL PROTECTED] wrote:
 Philipp von Weitershausen schrieb:
 ...
 
  So, I would like to give principal a better name. How about
  participant? After all, a principal _participates_ in an interaction
  through a participation (e.g. an HTTP request). Participant should also
  be pretty easy to translate: it's a common word, especially outside IT
  vocubulary, which means chances are good to find appropriate native
  translations for it.
 
  (Note that the point of finding translations for technical terms is not
  only for the sake of a translated Zope 3 UI. It's more about how people
  understand technical terms. I think most Zope 3 developers aren't native
  English speakers and they do not necessarily think in English. So, good
  words that have good native translations help the understanding process
  on their end. That is not only important for _learning_ a concept, but
  also for _explaining_ it. As a book author, I know what I'm talking
  about... :))
 
  Hope to hear some comments,
 
 Here the obligatory dumb question: why is it not called user?

It might be worth considering that the term user has a mostly
negative connotation in English (at least in the USA).

IMO anyways, I don't have any data to back this up.

-Tom
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] Re: RFC: Rename principal to participant

2005-09-13 Thread Shane Hathaway

Tom von Schwerdtner wrote:

It might be worth considering that the term user has a mostly
negative connotation in English (at least in the USA).


In tech circles, user is completely neutral and safe.  However, in 
slang, sometimes drug user is shortened to user.


Shane

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Shane Hathaway

Steve Alexander wrote:

In Launchpad, request.principal is not used by the application
programmers.  It is used only by the authentication, authorization and
publication machinery.  The machinery looks up a Person (an application
domain object) for the current principal (the participant, if you will)
and makes this available to application code.  So, application code
deals with an application-level object, not some security system construct.


It sounds like you're saying only the security machinery should know 
about principals, and that everything else deals with users.  If so, it 
should not be necessary for any Zope 3 developer to learn about 
principals unless they are writing security machinery.  Is that right?


Shane
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Lennart Regebro
On 9/13/05, Shane Hathaway [EMAIL PROTECTED] wrote:
 It sounds like you're saying only the security machinery should know
 about principals, and that everything else deals with users.  If so, it
 should not be necessary for any Zope 3 developer to learn about
 principals unless they are writing security machinery.  Is that right?

That sounds sublimely reasonable to me.
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Steve Alexander
Shane Hathaway wrote:
 Steve Alexander wrote:
 
 In Launchpad, request.principal is not used by the application
 programmers.  It is used only by the authentication, authorization and
 publication machinery.  The machinery looks up a Person (an application
 domain object) for the current principal (the participant, if you will)
 and makes this available to application code.  So, application code
 deals with an application-level object, not some security system
 construct.
 
 
 It sounds like you're saying only the security machinery should know
 about principals, and that everything else deals with users.  If so, it
 should not be necessary for any Zope 3 developer to learn about
 principals unless they are writing security machinery.  Is that right?

You need to know about principals if you are writing security machinery,
or if you are writing the thing that maps principals to whatever passes
for users in your application.

What typically happens is, the request contains credentials.  The
principal represents the fact that those credentials have been checked
and found to be ones that the system knows about.  It also represents
the type of credentials, for example, how much you trust them.  This in
turn maps to the concept of a user accessing your system.

  credential - principal - user

The Zope 3 framework can take care of the credentials and principals.
The users are application-specific.  A content management system for
Zope 3 would have its own concept of what a user is, but still use the
Zope 3 concepts and implementations of principal and credential.  A room
booking and timetabling system may have a different concept of a user,
as a user may well be a specific instance of a content object such as a
person (who is a bookable resource).

-- 
Steve Alexander
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



RE: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Roger Ineichen
Hi Shane  

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On 
 Behalf Of Shane Hathaway
 Sent: Tuesday, September 13, 2005 7:34 PM
 To: Steve Alexander
 Cc: [EMAIL PROTECTED]
 Subject: Re: [Zope3-dev] RFC: Rename principal to participant
 
 Steve Alexander wrote:
  In Launchpad, request.principal is not used by the application
  programmers.  It is used only by the authentication, 
 authorization and
  publication machinery.  The machinery looks up a Person (an 
 application
  domain object) for the current principal (the participant, 
 if you will)
  and makes this available to application code.  So, application code
  deals with an application-level object, not some security 
 system construct.
 
 It sounds like you're saying only the security machinery should know 
 about principals, and that everything else deals with users.  
 If so, it 
 should not be necessary for any Zope 3 developer to learn about 
 principals unless they are writing security machinery.  Is that right?

I think so too. But I whould not try to explain a PAU (pluggable
authentication utility) without to use the word principal. I think
using the words user or participant for a principal in this case is
not a good idea. 

Regards
Roger Ineichen

Projekt01 GmbH
www.projekt01.ch
_
END OF MESSAGE

 Shane
 ___
 Zope3-dev mailing list
 Zope3-dev@zope.org
 Unsub: 
 http://mail.zope.org/mailman/options/zope3-dev/dev%40projekt01.ch
 
 

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



Re: [Zope3-dev] RFC: Rename principal to participant

2005-09-13 Thread Steve Alexander

 I think so too. But I whould not try to explain a PAU (pluggable
 authentication utility) without to use the word principal. I think
 using the words user or participant for a principal in this case is
 not a good idea. 

Perhaps the scope of the PUA can be extended to have a plug-in factory
for User objects, and to make the current User easily available inside
page templates and other presentation code.

People who wish to use[1] the PUA would define their own User class,
which could be as simple as taking the principal id, but would often be
more complex according to the needs of their application.

-- 
Steve Alexander

[1] Desperately trying to avoid using the term user there.
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



[Zope3-dev] Re: RFC: Rename principal to participant

2005-09-13 Thread Derrick Hudson
On Tue, Sep 13, 2005 at 12:08:40PM +0200, Sebastien Douche wrote:
| On 9/13/05, Philipp von Weitershausen [EMAIL PROTECTED] wrote:

|  I wonder, for
|  example, which term French speakers use when they *talk* to each other
|  about principals... French is known to be very conservative when it
|  comes to introducing English words to itself
| 
| Principal is used in law, finance, education, art, social economics...
| All french translations aren't good for zope3. Using 'Principal' is
| another option but it is also a french word ('main', 'the main thing')
| : source of confusion.

Interesting.  I suppose English obtained principal from French ca
1040 ad.  Maybe the French are conservative about adopting English
words because the English were, generally, uneducated peasants while
the French were the ruling class.  (then again, that probably has no
relevance :-))

English has several definitions, with main or primary
being one of them.  I suppose that is where the others are derived
from.  For example, the highest-level official in a primary or
secondary school is called the principal.

Maybe the use of principal for security stems from the idea of a
primary identity, which can be related to secondary identities (ie a
user vs. the groups the user is a member of).

-D

-- 
After you install Microsoft Windows XP, you have the option to create
user accounts.  If you create user accounts, by default, they will have
an account type of administrator with no password.
-- bugtraq
 
www: http://dman13.dyndns.org/~dman/jabber: [EMAIL PROTECTED]


signature.asc
Description: Digital signature
___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com



[Zope3-dev] tiny patch to zope.server.interfaces.IStreamConsumer

2005-09-13 Thread Chad Whitacre

Dear All,

zope.server.serverchannelbase.received requires preq, an 
IStreamConsumer, to have a boolean attribute named `empty' that is not 
mentioned in the interface. A patch against the trunk (rev 38459) is 
attached, which adds this attribute to the interface.


Thanks.



Chad Whitacre


P.S. I tried to file this as a bug+solution in the Z3d Issue Collector, 
but when I submitted the New Issue form, I was given a login screen. 
After several login attempts, I went through the forgotten password 
process, but never received an email. The only other thing I can think 
of is that my email address on record is bad, but I don't know how to 
verify or fix that.


Index: src/zope/server/interfaces/__init__.py
===
--- src/zope/server/interfaces/__init__.py  (revision 38459)
+++ src/zope/server/interfaces/__init__.py  (working copy)
@@ -195,7 +195,10 @@
 completed = Attribute(
 'completed', 'Set to a true value when finished consuming data.')

+empty = Attribute(
+'empty', 'Set if no request was made.')

+
 class IServer(Interface):
 This interface describes the basic base server.

___
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com