Lennart Regebro <[EMAIL PROTECTED]> wrote:
> With workgroups you create ten workgroups. Within each workgrup you assign
> users to their respective roles. You then add the workgroups to the correct
> places in the hierarchy. It also opens for the possibility to assign
> workgroup managers that can create users and add them to their groups
> without having any other manager rights (although this could be added later
> to make it easier to implement).

Okay now I understand.
It's indeed another form of indirect management of local roles.

In getRolesInContext you'd have to have examine __ac_local_workgroups__,
containing the list of workgroup ids, and to know what user->role
mapping a workgroup has you'd have to consult the place where the
workgroup definitions are stored, probably the acl_user of the user
we're currently looking at.

Then it's simply :-) a matter of user interface. There's also the
question of what permissions are needed to modify a workgroup of course.

Does this match what you want ?

Looks quite feasible to me, and I think it can be done pretty
independantly of the user groups I propose.

Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 10  http://nuxeo.com  mailto:[EMAIL PROTECTED]

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to