Changeset 12915


Ignore:
Timestamp:
8 May 2015, 07:09:08 (10 years ago)
Author:
Henrik Bettermann
Message:

Start integrating doc tests into documentation.

Location:
main/waeup.kofa/trunk
Files:
9 added
3 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.kofa/trunk/docs/source/userdocs/users.rst

    r12908 r12915  
    11.. _users:
    22
    3 Portal Officers :sup:`in progress`
    4 **********************************
     3Users :sup:`in progress`
     4************************
     5
     6Kofa distinguishes between four types of users: anonymous users, applicants, students, portal officers/managers and the zope manager. Kofa distinguishes further between authenticated and unauthenticated users and between users with and without account object.
     7
     8The user authentication process in Kofa is quite complex. Briefly and in simple terms, a so-called Authenticator validates the credentials provided via the login form, fetches the matching account object, extracts the account data and finally leads to the creation of a temporary user object, a so-called principal. Kofa principals provide `name`, `title, `email`, `phone`, `public_name` and `user_type` attributes.
     9
     10Anonymous
     11=========
     12
     13Anonymous users do not authenticate and thus do not provide credentials. Their user id in logfiles is always ``zope.anybody``. These users gain two permissions: :py:class:`Anonymous <waeup.kofa.permissions.Anonymous>` and :py:class:`Public <waeup.kofa.permissions.Public>`.
     14
     15Only a few actions of anonymous users are logged. These are payment data webservice requests, the execution of password mandates and the self-registration of applicants.
     16
     17
     18Applicants and Students
     19=======================
     20
     21Logged-in applicants or students are regular authenticated Kofa users. Their user account object is an adaption of their applicant/student object. More precisely, the Applicant/Student Authenticator fetches the matching applicant/student object and turns it on-the-fly into a Kofa account object which is further used for creating a principle instance. The `applicant_id`/`student_id` attribute becomes the user name and the `display_fullname` property serves as user title.
     22
     23
     24Officers
     25========
     26
     27Officers are users with a dedicated user account object stored in the :py:class:`users container <waeup.kofa.userscontainer.UsersContainer>` which is located in Kofa's root container. The officer accounts object has two more attributes than the principle which is created from the account data: (1) a `roles` attribute which is a list of global role names assigned to the officer, and (2) private `_local_roles` attribute which is a dictionary of local role elements.
     28
     29xxxxxxxxxxxxxxxxxxxx
     30
     31The latter is only for information purposes and not further used for authorization or permissions management.
     32
     33The management of portal officers is done in the 'Officers' section of Kofa. The management page shoes all officers registered in the portal. The table can be easily sorted or filtered.
     34
     35Manager
     36=======
     37
     38user type      user id  authenticated  account  portal UI access
  • main/waeup.kofa/trunk/src/waeup/kofa/interfaces.py

    r12901 r12915  
    482482    phone = Attribute("The phone number of a user")
    483483    public_name = Attribute("The public name of a user")
     484    user_type = Attribute("The type of a user")
    484485
    485486
     
    504505        title = _(u'Public Name'),
    505506        required = False,)
     507
     508    user_type = Attribute('The user type of the principal')
    506509
    507510class IFailedLoginInfo(IKofaObject):
     
    599602
    600603class IUsersContainer(IKofaObject):
    601     """A container for users (principals).
    602 
    603     These users are used for authentication purposes.
     604    """A container for officers.
    604605    """
    605606
  • main/waeup.kofa/trunk/src/waeup/kofa/userscontainer.py

    r12859 r12915  
    2929
    3030class UsersContainer(grok.Container, Logger):
    31     """A container for principals.
     31    """A container for officers.
    3232
    3333    See interfaces.py and users.txt for extensive description.
Note: See TracChangeset for help on using the changeset viewer.