[Twisted-web] Get access to Avatar from Resource object?

[Glyph]

On Feb 22, 2012, at 12:46 PM, Jacek Furmankiewicz wrote:

> I am a bit more confused after this than before :-)
> 
> How can Avatar be a resource? It represents the actual user, correct?

An avatar is a resource because that's the way that cred works: the avatar is the entity that implements protocol-specific logic for a user.  For IMAP, the avatar is an IAccount; for POP it's an IMailbox, for IRC (and hopefully, one day, other chat protocols) it's an IUser.

> Isnt' there a concept of a Principal / User that has nothing to do with actual URL responses / routing / etc.

No.  Twisted does not have a concept of a user, because it doesn't need one in order to implement cross-protocol authentication.

Twisted may one day get some concept of a user so that we can integrate more cleanly with directory services, but that sort of integration is highly complex, since everybody has a slightly different schema for what they expect a "user" to be and you end up having to accommodate them all.  Plus, many people mistakenly want to have attributes of users deeply intermingled with the authentication or authorization process, when cred demonstrates that this is unnecessary and overcomplex :-).

I also want to make sure that if we do incorporate such a model, it's sufficiently well fleshed out that it meets a decent set of use-cases and can interoperate with existing relevant standards.  If you want to see what happens if you codify too simple a schema too early in your development, talk to anyone who has used Django about how much they love django.contrib.auth.

> Sorry if I am asking basic questions, but sometimes it is hard to figure out from the high-level docs how all the pieces fit together... 

It's no problem.  cred is one of the most nuanced parts of twisted, and it is unfortunately difficult to explain and to understand.  Feel free to keep hammering away with questions :).

-glyph