I'm seeing that if I assign a role on an object to a user, then delete the user, the object still lists the user as having the local role - and I can assign the non-existant user more local roles, too. Thus, no referential integrity between users and local roles. I suppose any of my code dealing with local roles can try to get the user first before displaying their id, to prevent showing these non-existant role-holders. Anyone deal with this issue before?
I guess this stems from the fact that in Zope, objects know which users have local roles on them, but user objects don't know about the things they have local roles on (correct me if I'm wrong). Is this also the case in Zope 3? Often it's useful to be able to say "User A can do these things in relation to these objects" but in Zope it appears you have to inspect every object everywhere on the site in order to get this information.
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )