On Mon, Oct 27, 2008 at 4:29 PM, Jorge Vargas <[EMAIL PROTECTED]> wrote: > > On Mon, Oct 27, 2008 at 3:04 PM, Lukasz Szybalski <[EMAIL PROTECTED]> wrote: >> >> On Mon, Oct 27, 2008 at 3:42 PM, Jorge Vargas <[EMAIL PROTECTED]> wrote: >>> >>> On Mon, Oct 27, 2008 at 9:30 AM, Lukasz Szybalski <[EMAIL PROTECTED]> wrote: >>>> >>>> On Mon, Oct 27, 2008 at 9:53 AM, Dean Landolt <[EMAIL PROTECTED]> wrote: >>>>> >>>>> >>>>> On Sun, Oct 26, 2008 at 7:09 PM, Lukasz Szybalski <[EMAIL PROTECTED]> >>>>> wrote: >>>>>> >>>>>> On Wed, Oct 22, 2008 at 7:51 AM, Gustavo Narea <[EMAIL PROTECTED]> >>>>>> wrote: >>>>>> > Hello, >>>>>> > >>>>>> > I think >>>>>> > >>>>>> >> Do you need Identity (usernames/passwords) in this project? [no] >>>>>> > >>>>>> > should be replaced by >>>>>> > >>>>>> >> Do you need authentication and authorization in this project? [yes] >>>>>> > >>> >>> totally agreed, we should make this the default. >>> >>>>>> >>>>>> What is the difference between required username/pass vs >>>>>> authentication and authorization? >>>>> >>>>> There's two layers to user management -- the who and the what. First, the >>>>> app has to know who you are (authentication), then it can make the >>>>> determination of what you're allowed access to (authorization). >>>> >>> also username/pass is less professional :) >>> >>>> So wouldn't the authentication and authorization include identity? >>>> >>> they are it's subcomponents, and the main complain we had with tg1 >>> identity was that they where too couple, which is why this approach >>> was taken, and as usual instead of reinventing the wheel, TG core >>> looked around and found repoze.who, but since they are only focus on >>> the authentication part. tg.ext.repoze.who and tg.authorization where >>> born. >>> >>>> >>>> So it seems to me that you guys will try to replace identity with the >>>> new authorization system? >>>> >>> That comment seems to be very outdated, several months ago that was >>> done with tg.ext.repoze.who :) >>> >> >> so tg.ext.repoze.who already replaced identity in tg2. >> > several months ago, and now it got replaced. > >> Can we standardized on the names? tg.ext.repoze.who vs >> tg.authorization vs? tgext.some name? >> either >> tg.ext.somename or tg.somename?? >> > names are already standardized, please look at the other emails from > Gustavo where he explains it all. > >> Also >> I don't know how much problem would that cause but could it be >> possible to rename both to something like. >> >> tg.authorization >> and >> tg.authentication >> > no because tg.authorization isn't handled by TG core, therefore we > can't change repoze.who's name. it will be like renaming genshi to > tg.templates which is a very bad idea. > >> These two would make perfect sense, vs right now I would not know what >> is the difference between tg.authorization vs tg.ext.repose.who....... >> > for the simple user user zero, as Gustavo said it's 100% backward > compatible. For the advanced user a lot as it's pluggable and > customizable, think about it this way tg.ext.repoze.who was an > experiment to see if it was a good idea, tg.authorization is that > experiment turned into production ready (we hope) software. > >>
What kind of authorization can we achieve with repoze.who aka tg.authorization? Let me know if these are available? 1. widget authorization, per user validation aka(user cannot select this box unless he has these permissions) 2. ajax widgets per user rights, meaning if permission x display widget y that shows xyz. 3. sqlalchemy save certain tables if you have x permissions 4. any combination of the above? Lucas --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
