[Zope-dev] LOTS of roles?

2003-02-21 Thread Paul Winkler 
has anybody ever set up a site with a large number of roles?
we're contemplating a security model for our app that might
lead to ~ 100 Roles within a year, possibly thousands 
within the next 5 years.  (Outline of the actual problem is
at the end of this message)

(The users and roles will be managed in LDAP, by the way;
we plan to use LDAPUserFolder for this and not do any
user or role administration in Zope.)

I seem to recall the Zope Book or some other text
advising against large numbers of roles, but IIRC that
was only because of the UI. Obviously the ZMI default 
Security tab will not scale.
I think I can replace that without too much trouble:
possibly have the main page list only the roles vertically,
with each one being a link to manage_roleForm as it is currently.
As the number of roles grows very large this main page
could be broken into batches if necessary.
And of course there'd be a link to another page with a list
of permissions to manage, and each of those would link
to manage_permissionForm.
i'm also thinking to use checkboxes as the current UI is too easy
to unselect everything by accident.

The question is, if I can solve the interface issues, are
there other reasons not to have hundreds or thousands of roles?
It seems to me that there should not be performance issues,
since I assume that finding the current user's roles
is just a dictionary lookup which should scale pretty well...
we're not talking millions of roles here, and each user
will have only a handful of roles.

comments?

more about our scenario:

* We must anticipate users at hundreds of locations

* there might be 10 or so users at each location

* permissions can be grouped pretty well into tasks, but are
  specific to a location - permission to do a task at one
  location must not mean permission at all locations.
  To me this suggests several Roles per location, corresponding
  to the grouped tasks at that location.

* each user might work from several different locations

* each user might need different permissions when working
  at different locations

* We have multiple applications, not all in zope, so LDAP is looking
  attractive.  


-- 

Paul Winkler
http://www.slinkp.com

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Offtopic: it's vs. its

2003-02-21 Thread Joachim Werner 

http://david.tribble.com/text/misspell.htm
Could we add that to the Zope 3 styleguide? ;-)



--

iuveno AG

Joachim Werner

_

Wittelsbacherstr. 23b
90475 Nürnberg
[EMAIL PROTECTED]
www.iuveno.de
Tel.: +49 (0) 911/ 9 88 39 84

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

[Zope-dev] AIX

2003-02-21 Thread Wolfgang Roesner 
Hi,

I run into the same problem that has been reported last year:

Author:Jan Idzikowski
Date: 04/24/2002 10:50 AM 
View: [Zope] Problems with AIX4

There never was an answer from anybody.

I installed Python 2.1.3 and Zope-2.6.1 on AIX4.3.3 and I run into 
exactly the same scenario as Jan. ZServer starts up OK and I can login and bring up 
the control panel. I can also add folders. When I try to access
/Examples or when I try to add the ZopeTutorial, Zope core dumps. When I
run with the dbx debugger, I see that the runtime stack is busted.

Usually with AIX there tend to be problem with shared libs. That doesn't 
seem to be the case here as I can successfully run all unit tests 
testrunner.py.

Is there anybody out there who was able to circumvent this problem?

What would people suggest is a good way to debug this?

Thanks!

Wolfgang

__
The NEW Netscape 7.0 browser is now available. Upgrade now! 
http://channels.netscape.com/ns/browsers/download.jsp 

Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] AIX

2003-02-21 Thread Jamie Heilman 
 There never was an answer from anybody.

Thats probably because nobody wants to admit to running AIX.

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )