I apologize if this issue is something that has been discussed before,
but I searched the archives to no avail.
I'm evaluating zope for a project, and I have some questions regarding
the extensibility of the user security model.
The company I work for would like to provide documents to clients via
the web, and only allow one particular client (or group of users from
the same client) access to those documents. I don't want any user to
be able to detect the presence of any other user. I essentially want
several "sites", one for each client, with a group of administrative
users responsible for maintaining these sites and publishing content
to all of them.
What this would require is a group of administrators that can see all
sites, as well as restricted users with privileges to exactly one
I'd also like to avoid having a role for each site, as that could get
ugly for almost 1000 clients. It would also be great if we could
designate a user to administer only one site, so that they could only
publish data to one client.
I guess I want "zope-level" users and "application-level" users. Is
this something that sane people do?
I don't really need a step-by-step, just a "yes, that is possible" or
a "no, you're an idiot" before I start digging in to try and do it.
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -