Forum OpenACS Development: Re: Should object_id 0 be a user or a person?

Collapse
Posted by Don Baccus on
Well ... person_id 0 is already a real person and the only side-effect has been to speed up permissions checking in Postgres by up to a couple of orders of magnitude in some cases.

Barry, don't worry, this change won't be made without considering the consequences.  And if we do make the change the default permissions which only allow registered users to write content would remain in force (person_id 0 is a member of "The Public" but not "Registered Users" and that would *not* change)  So unless someone makes an explicit choice to allow The Public (or person_id 0 explicitly) to write new content no coding error other than failing to check permissions could allow someone not logged in to create content - and if permissions aren't checked that's true regardless of how we represent a user that's not logged in.

And since the default membership group for the main subsite is "Registered Users" and since subsites can only draw new members from their parent's membership group making person 0 a user would require that the admin *explicitly* add the "Unregistered Visitor" (as person 0 is called today) to the main subsite.

So I think most of your objections would, in practice, be met if this change were made.