IRC log of #schooltool for Wednesday, 2005-12-21

povbot/svn/commits: * srichter committed revision 5488:00:26
povbot/svn/commits: Fix I18n domain.00:26
povbot/svn/commits: * srichter committed revision 5489:00:26
*** didymo has quit IRC00:55
srichterhoffman: I cannot complete the documentation without some code improvements01:30
srichterfor example, currently there is no way for me to add new permissions to th eACL view01:31
srichterso when I create a new permission schooltool.commendation.manage, then it is not shown in the ACL view01:32
hoffmanDo we need some kind of viewlet there srichter?01:34
hoffmanActually... that view is going to have to disappear.01:34
srichterno, we need to make the ACL view more flexible01:35
srichterreally, why?01:35
srichterwithout it, you cannot control security at all01:35
hoffmanWell, the big freakin' grid o'permissions just isn't appropriate for a student information system.01:36
srichterso you mean th eUI will have to change?01:36
hoffmanYes, but primarily it is going to change by giving the site admin much less flexibility, especially this year.01:37
srichtergood luck changing all the tests :-)01:38
srichteranyways, how do you want to solve my particular use case?01:38
hoffmanWhich tests?01:39
srichternote that I could reuse the schooltool.create permission, but a person would presumely be allowed that permission on itself01:39
srichterthe ftests that test the security all the time01:39
hoffmanI think I'll be able to get Paul to do a lot of this.01:40
hoffmanAnyhow, can't you just set the permissions in zcml?01:41
srichterno, ZCML does not deal with local data01:41
hoffmanAren't there default permissions?01:42
srichterI need to be able to say: Allow group or person X to create commendations01:42
srichteryeah, but do you really want to trust those?01:42
srichterfor example, it seems likely that person X can add new objects to person X (i.e. itself)01:42
srichterthat means person X can write commendations for him/herself01:43
hoffmanBut students can't write commendations, right?01:43
srichterwell, if a student has schooltool.create set on him/herself, they could, if I reuse the standard schooltool.create permission01:44
hoffmanYou'll have to create a new permission.01:44
srichterI did01:44
hoffmanAnd how do you set up the default?01:44
srichterbut that permission will not show up in the ACL view01:44
hoffmanI think we're back to where we started.01:44
srichterand that's because there is a missing piece01:45
hoffmanDo you set the default in ZCML?01:45
hoffmanPython code?01:45
srichterI think there is a subscriber to the "created schooltool application" event01:45
srichternote that this subscriber is not called, when an application already exists01:46
hoffmanSo you can't update it.01:46
srichterat least not without writing a generation script01:47
srichterwhich is totally silly for this use01:47
srichterjust imagine I have to tell a beginner to write generations01:47
hoffmanCould the permissions be modified by a site-wide preference?01:47
hoffmanOr something that looked like one to the user?01:48
srichterso now you are back at improving the ACL UI01:48
hoffmanWell, sort of.01:48
srichterthe ACL screen is a site-wide preference01:48
srichter(at least for localhost:7080/acl.html)01:48
srichtera good fix for now would be to improve the ACL view, as I mentioned before01:50
srichterwhether the UI gets a lift afterwards is a different story01:50
hoffmanIt needs more than a lift.01:51
srichter(btw, I would strongly discourage you from dumbing down the permission setting capabilities)01:52
hoffmanDude, we're writing a student information system.01:52
hoffmanThis will be full of highly confidential data.01:53
hoffmanGiving slightly clueless admins a powerful, yet cryptic interface to allow them to change every possible permission is a bad idea.01:53
srichternote that I would feel much more comfortable about simple permissions, if students could not access the system at all01:53
srichteras I said, I agree that the UI needs to be improved01:54
hoffmanIt needs to be improved by eliminating 95% of it.01:54
hoffmanAnd the whole contextual/inherited aspect of it is too abstract.01:55
srichterbut we better make darn sure that the security setup we do provide is rock-solid; if it is not and we have no chance of saying go there to fix the problem01:55
srichterbut I think that this is still a UI problem01:55
hoffmanIt is.01:56
srichteryou can change the UI without taking away power01:56
srichter(which btw, gets us right to the heart of the GNOME verus KDE discussion)01:56
hoffmanWe want to take away most of the power.01:56
srichterGNOME decided to deal with difficult setup problems by providing no options01:57
hoffmanWe don't want to make it possible, for example, for an admin to allow one student to see another's private data.01:57
hoffmanYes, that's the approach we're taking.01:57
hoffmanAs much as we can.01:57
hoffmanIn this product, there is one thing that you might like to change:01:57
hoffmanwho can create these.01:58
hoffmanWhat I would like is a simple way to indicate that and only that at the top level of the application.01:58
srichternote that I think the GNOME approach is fundamentally flawed; but you are the PM, so I'll do what you want01:58
srichterso back to the original problem, how should I address that right now?02:00
hoffmanSo what we need is a system for adding a control panel or something for the admin for each product that is added.02:00
srichterfrom what I am hearing from you is that it would be best to reuse existing and registered permissions02:00
hoffmanWe'll be revisiting this issue, to be sure.02:01
srichterI agree with the control panel02:01
hoffmanGiven that there is no real likelihood that anyone is going to use this now, using existing permission is probably fine.02:01
hoffmanWe'll come back when we've refined our control panel ideas.02:02
hoffmanI'm meeting with Paul here tomorrow at 10:00, btw.02:02
hoffmanTo discuss merging in the additional requirements work he's done.02:02
srichterI'll note that this is not a matter of this particular code, but if we distribute the package as documentation, you can bet people will copy this code and adopt the pattern02:02
srichterI will be out tomorrow morning02:03
hoffmanWell, I know they'll adopt it eventually.  If people start cranking out products next week using the current admin screen, well, that's a problem I'd LIKE to have.02:04
hoffmanWe'll fix it.02:04
hoffmanI think the solution is technically simple.  We just have to think about it a bit.02:05
srichterhe he02:05
hoffmanOr at least I need to eat dinner.02:06
hoffmanThe methods in the ACL form aren't magic, right?  They can be called from elsewhere.02:07
hoffmanOther forms.02:07
srichterACL in Zope 3 is fairly simple, once you understand the grid data structure (which is not hard)02:08
hoffmanThe grid, plus the inheritance structure is too tough for people.02:09
srichterI think we should start treating the SchoolTool app more like a desktop02:10
srichterand not an object tree02:10
srichterthat might help02:10
hoffmanWell, to a degree.02:10
hoffmanThat's always been a challenge, design wise.02:11
hoffmanBut people definitely don't relate to the object tree in terms of permissions.02:11
hoffmanAnd it is rather vital to not confuse them in that regard.02:11
*** Aiste has quit IRC12:42
*** Aiste has joined #schooltool12:57
*** alga has joined #SchoolTool13:04
*** thisfred has joined #schooltool13:15
*** ignas has joined #schooltool13:24
*** jinty has joined #schooltool13:33
*** srichter has quit IRC13:45
*** srichter has joined #schooltool15:36
*** hoffman has quit IRC15:36
*** srichter has quit IRC15:50
*** ignas has quit IRC16:21
*** hoffman has joined #schooltool16:48
*** pcardune has joined #schooltool17:41
pcardunehoffman: I'm finally here... got stuck at lunch with some important Senegalese person17:42
*** _pcardune has joined #schooltool18:04
*** pcardune has quit IRC18:04
hoffman_pcardune:  Hi.18:11
*** _pcardune is now known as pcardune18:12
pcardunehoffman: hi, do you have any time to meet?18:12
pcarduneOk, well some of the stuff I was going to move over has already been done18:13
hoffmanYes, that was one thing.18:13
hoffmanI did the merge of GroupRequirement and Requirement.18:13
pcarduneI also saw the grades.txt file you added, that looks good18:13
pcardunewhat needs to be added still is a namespace traverser, so that requirements can be accessed via ++requirements++18:15
hoffmanDo you think I need to add a SchoolToolApplication() and put everything inside that to get the last test in grades.txt to work?18:16
hoffmanThat's a functional test.18:17
pcarduneyeah, i think that would be the right thing to do18:17
hoffmanThat's what I was thinking.  I just haven't tried it yet.18:18
pcarduneactually... that should just work on it's own18:18
pcardunewhat error does it throw?18:18
hoffmaniteration over non-sequence.18:20
hoffmanIt can't add the evaluation to the container.18:21
hoffmanThe existing README.txt also throws similar errors if you try to run it as an ftest rather than a regular test.18:22
*** _pcardune has joined #schooltool18:26
*** pcardune has quit IRC18:26
hoffmanAnyhow, are you still with us _pcardune?18:27
_pcarduneyeah, my ethernet cable got unplugged18:27
hoffmanSo which part of the CanDo source tree should I be looking at?18:28
_pcardunethe virginia package18:28
_pcardunethere are todo notes next to things I was intending to move over18:28
hoffmanSuch as?18:30
_pcarduneconfiguration for the namespace view/adapter (in configure.zcml) and having configuration to make SchoolToolApplication implement IHaveRequirement (for global requirements)18:31
hoffmanAh, cool.18:32
_pcardunethat's it18:33
hoffmanYes, that's all fine.  Quite frankly, I just got myself worried because I was looking at your older CanDo code and started thinking it was new.18:33
hoffmanThat's why I wanted to make sure we were on the same page.18:33
_pcarduneoh yeah, don't look at that18:33
*** srichter has joined #schooltool18:33
hoffmanSo if I wanted to implement a more complex standard object with a bunch of meta-data but the same behavior as a requirement, would I sub-class or adapt?18:34
hoffmanThat's all the questions I have then.18:35
_pcarduneok, good18:36
*** jinty has quit IRC19:24
*** jinty has joined #schooltool19:51
*** ignas has joined #schooltool20:00
*** _pcardune has quit IRC20:08
*** mgedmin has joined #schooltool20:08
*** tiredbones has quit IRC20:22
*** auxesis has quit IRC20:22
*** tiredbones has joined #schooltool20:23
*** pcardune has joined #schooltool20:28
*** auxesis has joined #schooltool20:28
*** pcardune has quit IRC20:43
*** jinty has quit IRC21:00
*** thisfred has quit IRC21:12
*** toothpick has joined #schooltool21:23
*** toothpick has left #schooltool21:24
*** ignas has quit IRC21:26
*** alga has quit IRC21:32
*** Aiste has quit IRC21:51
*** mgedmin has quit IRC22:29
*** jinty has joined #schooltool23:03

Generated by 2.15.1 by Marius Gedminas - find it at!