| povbot | /svn/commits: * srichter committed revision 5488: | 00:26 |
|---|---|---|
| povbot | /svn/commits: Fix I18n domain. | 00:26 |
| povbot | /svn/commits: * srichter committed revision 5489: | 00:26 |
| *** didymo has quit IRC | 00:55 | |
| srichter | hoffman: I cannot complete the documentation without some code improvements | 01:30 |
| srichter | for example, currently there is no way for me to add new permissions to th eACL view | 01:31 |
| srichter | so when I create a new permission schooltool.commendation.manage, then it is not shown in the ACL view | 01:32 |
| hoffman | Hey. | 01:34 |
| hoffman | Ah. | 01:34 |
| hoffman | Do we need some kind of viewlet there srichter? | 01:34 |
| hoffman | Actually... that view is going to have to disappear. | 01:34 |
| srichter | no, we need to make the ACL view more flexible | 01:35 |
| srichter | really, why? | 01:35 |
| srichter | without it, you cannot control security at all | 01:35 |
| hoffman | Well, the big freakin' grid o'permissions just isn't appropriate for a student information system. | 01:36 |
| srichter | so you mean th eUI will have to change? | 01:36 |
| hoffman | Yes, but primarily it is going to change by giving the site admin much less flexibility, especially this year. | 01:37 |
| srichter | good luck changing all the tests :-) | 01:38 |
| srichter | anyways, how do you want to solve my particular use case? | 01:38 |
| hoffman | Which tests? | 01:39 |
| srichter | note that I could reuse the schooltool.create permission, but a person would presumely be allowed that permission on itself | 01:39 |
| srichter | the ftests that test the security all the time | 01:39 |
| hoffman | I think I'll be able to get Paul to do a lot of this. | 01:40 |
| hoffman | Anyhow, can't you just set the permissions in zcml? | 01:41 |
| srichter | no, ZCML does not deal with local data | 01:41 |
| hoffman | Aren't there default permissions? | 01:42 |
| srichter | I need to be able to say: Allow group or person X to create commendations | 01:42 |
| srichter | yeah, but do you really want to trust those? | 01:42 |
| srichter | for example, it seems likely that person X can add new objects to person X (i.e. itself) | 01:42 |
| srichter | that means person X can write commendations for him/herself | 01:43 |
| hoffman | But students can't write commendations, right? | 01:43 |
| srichter | well, if a student has schooltool.create set on him/herself, they could, if I reuse the standard schooltool.create permission | 01:44 |
| hoffman | You'll have to create a new permission. | 01:44 |
| srichter | I did | 01:44 |
| hoffman | And how do you set up the default? | 01:44 |
| srichter | but that permission will not show up in the ACL view | 01:44 |
| hoffman | I think we're back to where we started. | 01:44 |
| srichter | ye | 01:45 |
| srichter | and that's because there is a missing piece | 01:45 |
| hoffman | Do you set the default in ZCML? | 01:45 |
| srichter | no | 01:45 |
| hoffman | Python code? | 01:45 |
| srichter | I think there is a subscriber to the "created schooltool application" event | 01:45 |
| srichter | note that this subscriber is not called, when an application already exists | 01:46 |
| hoffman | So you can't update it. | 01:46 |
| srichter | right | 01:47 |
| srichter | at least not without writing a generation script | 01:47 |
| srichter | which is totally silly for this use | 01:47 |
| srichter | just imagine I have to tell a beginner to write generations | 01:47 |
| hoffman | Could the permissions be modified by a site-wide preference? | 01:47 |
| hoffman | Or something that looked like one to the user? | 01:48 |
| srichter | so now you are back at improving the ACL UI | 01:48 |
| hoffman | Well, sort of. | 01:48 |
| srichter | the ACL screen is a site-wide preference | 01:48 |
| srichter | (at least for localhost:7080/acl.html) | 01:48 |
| hoffman | Yes. | 01:49 |
| srichter | a good fix for now would be to improve the ACL view, as I mentioned before | 01:50 |
| srichter | whether the UI gets a lift afterwards is a different story | 01:50 |
| hoffman | It needs more than a lift. | 01:51 |
| srichter | (btw, I would strongly discourage you from dumbing down the permission setting capabilities) | 01:52 |
| hoffman | Dude, we're writing a student information system. | 01:52 |
| hoffman | This will be full of highly confidential data. | 01:53 |
| srichter | exactely! | 01:53 |
| hoffman | Giving slightly clueless admins a powerful, yet cryptic interface to allow them to change every possible permission is a bad idea. | 01:53 |
| srichter | note that I would feel much more comfortable about simple permissions, if students could not access the system at all | 01:53 |
| srichter | as I said, I agree that the UI needs to be improved | 01:54 |
| hoffman | It needs to be improved by eliminating 95% of it. | 01:54 |
| hoffman | And the whole contextual/inherited aspect of it is too abstract. | 01:55 |
| srichter | but we better make darn sure that the security setup we do provide is rock-solid; if it is not and we have no chance of saying go there to fix the problem | 01:55 |
| srichter | but I think that this is still a UI problem | 01:55 |
| hoffman | It is. | 01:56 |
| srichter | you can change the UI without taking away power | 01:56 |
| srichter | (which btw, gets us right to the heart of the GNOME verus KDE discussion) | 01:56 |
| hoffman | We want to take away most of the power. | 01:56 |
| srichter | GNOME decided to deal with difficult setup problems by providing no options | 01:57 |
| hoffman | We don't want to make it possible, for example, for an admin to allow one student to see another's private data. | 01:57 |
| hoffman | Yes, that's the approach we're taking. | 01:57 |
| hoffman | As much as we can. | 01:57 |
| hoffman | In this product, there is one thing that you might like to change: | 01:57 |
| hoffman | who can create these. | 01:58 |
| hoffman | What I would like is a simple way to indicate that and only that at the top level of the application. | 01:58 |
| srichter | note that I think the GNOME approach is fundamentally flawed; but you are the PM, so I'll do what you want | 01:58 |
| srichter | right | 01:58 |
| srichter | so back to the original problem, how should I address that right now? | 02:00 |
| hoffman | So what we need is a system for adding a control panel or something for the admin for each product that is added. | 02:00 |
| srichter | from what I am hearing from you is that it would be best to reuse existing and registered permissions | 02:00 |
| hoffman | We'll be revisiting this issue, to be sure. | 02:01 |
| srichter | I agree with the control panel | 02:01 |
| hoffman | Given that there is no real likelihood that anyone is going to use this now, using existing permission is probably fine. | 02:01 |
| hoffman | We'll come back when we've refined our control panel ideas. | 02:02 |
| hoffman | I'm meeting with Paul here tomorrow at 10:00, btw. | 02:02 |
| hoffman | To discuss merging in the additional requirements work he's done. | 02:02 |
| srichter | I'll note that this is not a matter of this particular code, but if we distribute the package as documentation, you can bet people will copy this code and adopt the pattern | 02:02 |
| srichter | I will be out tomorrow morning | 02:03 |
| hoffman | Well, I know they'll adopt it eventually. If people start cranking out products next week using the current admin screen, well, that's a problem I'd LIKE to have. | 02:04 |
| hoffman | We'll fix it. | 02:04 |
| hoffman | I think the solution is technically simple. We just have to think about it a bit. | 02:05 |
| srichter | he he | 02:05 |
| srichter | ok | 02:05 |
| hoffman | Or at least I need to eat dinner. | 02:06 |
| hoffman | The methods in the ACL form aren't magic, right? They can be called from elsewhere. | 02:07 |
| hoffman | Other forms. | 02:07 |
| srichter | yep | 02:08 |
| srichter | ACL in Zope 3 is fairly simple, once you understand the grid data structure (which is not hard) | 02:08 |
| hoffman | The grid, plus the inheritance structure is too tough for people. | 02:09 |
| srichter | I think we should start treating the SchoolTool app more like a desktop | 02:10 |
| srichter | and not an object tree | 02:10 |
| srichter | that might help | 02:10 |
| hoffman | Yes. | 02:10 |
| hoffman | Well, to a degree. | 02:10 |
| hoffman | That's always been a challenge, design wise. | 02:11 |
| hoffman | But people definitely don't relate to the object tree in terms of permissions. | 02:11 |
| hoffman | And it is rather vital to not confuse them in that regard. | 02:11 |
| *** Aiste has quit IRC | 12:42 | |
| *** Aiste has joined #schooltool | 12:57 | |
| *** alga has joined #SchoolTool | 13:04 | |
| *** thisfred has joined #schooltool | 13:15 | |
| *** ignas has joined #schooltool | 13:24 | |
| *** jinty has joined #schooltool | 13:33 | |
| *** srichter has quit IRC | 13:45 | |
| *** srichter has joined #schooltool | 15:36 | |
| *** hoffman has quit IRC | 15:36 | |
| *** srichter has quit IRC | 15:50 | |
| *** ignas has quit IRC | 16:21 | |
| *** hoffman has joined #schooltool | 16:48 | |
| *** pcardune has joined #schooltool | 17:41 | |
| pcardune | hoffman: I'm finally here... got stuck at lunch with some important Senegalese person | 17:42 |
| *** _pcardune has joined #schooltool | 18:04 | |
| *** pcardune has quit IRC | 18:04 | |
| hoffman | _pcardune: Hi. | 18:11 |
| *** _pcardune is now known as pcardune | 18:12 | |
| pcardune | hoffman: hi, do you have any time to meet? | 18:12 |
| hoffman | Sure. | 18:12 |
| pcardune | Ok, well some of the stuff I was going to move over has already been done | 18:13 |
| hoffman | Yes, that was one thing. | 18:13 |
| hoffman | I did the merge of GroupRequirement and Requirement. | 18:13 |
| pcardune | I also saw the grades.txt file you added, that looks good | 18:13 |
| pcardune | what needs to be added still is a namespace traverser, so that requirements can be accessed via ++requirements++ | 18:15 |
| hoffman | OK. | 18:15 |
| hoffman | Do you think I need to add a SchoolToolApplication() and put everything inside that to get the last test in grades.txt to work? | 18:16 |
| hoffman | That's a functional test. | 18:17 |
| pcardune | yeah, i think that would be the right thing to do | 18:17 |
| hoffman | That's what I was thinking. I just haven't tried it yet. | 18:18 |
| pcardune | actually... that should just work on it's own | 18:18 |
| pcardune | what error does it throw? | 18:18 |
| hoffman | iteration over non-sequence. | 18:20 |
| hoffman | It can't add the evaluation to the container. | 18:21 |
| hoffman | The existing README.txt also throws similar errors if you try to run it as an ftest rather than a regular test. | 18:22 |
| *** _pcardune has joined #schooltool | 18:26 | |
| *** pcardune has quit IRC | 18:26 | |
| hoffman | Anyhow, are you still with us _pcardune? | 18:27 |
| _pcardune | yeah, my ethernet cable got unplugged | 18:27 |
| hoffman | So which part of the CanDo source tree should I be looking at? | 18:28 |
| hoffman | virginia? | 18:28 |
| _pcardune | the virginia package | 18:28 |
| _pcardune | there are todo notes next to things I was intending to move over | 18:28 |
| hoffman | Such as? | 18:30 |
| _pcardune | configuration for the namespace view/adapter (in configure.zcml) and having configuration to make SchoolToolApplication implement IHaveRequirement (for global requirements) | 18:31 |
| hoffman | Ah, cool. | 18:32 |
| _pcardune | that's it | 18:33 |
| hoffman | Yes, that's all fine. Quite frankly, I just got myself worried because I was looking at your older CanDo code and started thinking it was new. | 18:33 |
| hoffman | That's why I wanted to make sure we were on the same page. | 18:33 |
| _pcardune | oh yeah, don't look at that | 18:33 |
| _pcardune | ;) | 18:33 |
| *** srichter has joined #schooltool | 18:33 | |
| hoffman | So if I wanted to implement a more complex standard object with a bunch of meta-data but the same behavior as a requirement, would I sub-class or adapt? | 18:34 |
| srichter | subclass | 18:35 |
| _pcardune | sub-class | 18:35 |
| hoffman | OK. | 18:35 |
| hoffman | That's all the questions I have then. | 18:35 |
| _pcardune | ok, good | 18:36 |
| *** jinty has quit IRC | 19:24 | |
| *** jinty has joined #schooltool | 19:51 | |
| *** ignas has joined #schooltool | 20:00 | |
| *** _pcardune has quit IRC | 20:08 | |
| *** mgedmin has joined #schooltool | 20:08 | |
| *** tiredbones has quit IRC | 20:22 | |
| *** auxesis has quit IRC | 20:22 | |
| *** tiredbones has joined #schooltool | 20:23 | |
| *** pcardune has joined #schooltool | 20:28 | |
| *** auxesis has joined #schooltool | 20:28 | |
| *** pcardune has quit IRC | 20:43 | |
| *** jinty has quit IRC | 21:00 | |
| *** thisfred has quit IRC | 21:12 | |
| *** toothpick has joined #schooltool | 21:23 | |
| *** toothpick has left #schooltool | 21:24 | |
| *** ignas has quit IRC | 21:26 | |
| *** alga has quit IRC | 21:32 | |
| *** Aiste has quit IRC | 21:51 | |
| *** mgedmin has quit IRC | 22:29 | |
| *** jinty has joined #schooltool | 23:03 | |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!