Philipp von Weitershausen wrote:

>>> Martijn suggests to just use "user". I can live with that. The reason
>>> why I didn't propose that is because I thought people still valued the
>>> abstraction of a principal as opposed to the physical person. I don't
>>> need it and all those Unix users out there don't seem to need it either...

Dmitry Vasiliev wrote:

> +1 on "user". Actually for Russian translation I've used "user" anyway since 
> I 
> didn't find another good translation for "principal".

I'm -1 on "user".

In Launchpad, the concepts of User and Principal are quite different.

For example, a principal that represents a particular user accessing the
web application is different from the principal that represents that
same user accessing Launchpad via gpg signed email.

In Launchpad, request.principal is not used by the application
programmers.  It is used only by the authentication, authorization and
publication machinery.  The machinery looks up a Person (an application
domain object) for the current principal (the participant, if you will)
and makes this available to application code.  So, application code
deals with an application-level object, not some security system construct.

Maybe in some simple systems it is good to conflate the concepts of
"user" and "principal".  Making the principal available from the request
in zope3 encourages this.  But, I think that it is not good application
design, and it does not make for clear abstractions.

Steve Alexander

Zope3-dev mailing list

Reply via email to