> I see an intention not to break other user folder products. Given that
> the fishbowl proposal in question is supposed to make for a very small
> change, any breakage in existing products is a bug in its implementation.
I've just checked in changes that I believe address all of the
issues (there were several):
- Part of the problem is that I picked really poor names for the
added APIs (names that had a high likelyhood of, and in fact
were used already by custom user folder implementations).
I've changed them to 'userFolderAddUser', 'userFolderEditUser'
and 'userFolderDelUsers', making the names somewhat uglier and
less likely to clash.
- They really only need to act as permission-protected aliases to
the methods that custom user folders already implement ('_doAddUser',
'_doChangeUser', '_doDelUsers'). I've done that, and custom user
folder authors don't need to take any action (other than have
implemented the '_' methods in the first place).
- Password encryption was being done in the wrong place. It really
wants to be done in the _doAddUser and _doChangeUser, so that
custom user folders can elect to do it or not (since some pw
schemes cannot work with a pre-encrypted password).
I've changed it so that the built-in Zope user folder will do
encryption, and custom user folders can support it easily by
changing their _doAddUser and _doChangeUser to do it if appropriate.
- Updated all of the comments to (hopefully) remove confusion about
So the current status is that:
- Current user folders should continue to work without any changes,
and they don't need to do anything to support the new userFolder*
- Nothing is really "deprecated" - I've changed the wording
to say that scripts and other web-based code are encouraged to
use the new userFolder* APIs to work with users rather than
create more code dependent on the crummy 'manage_users' hackery.
I've tested this on a few variations here, but I'd be happy if some
other folks who have alternate user folders around could give the
updated lib/python/AccessControl/User.py a whirl and let me know
about any problems.
Brian Lloyd [EMAIL PROTECTED]
Software Engineer 540.361.1716
Zope Corporation http://www.zope.com
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -