Ownership: Manage ownership.

Description

This view allows you to set the ownership of an object.

On the top of the page Zope will tell you whether the object has an owner and who it is.

All Zope objects except objects within the Control Panel support ownership. When an object is created, copied or imported in Zope, the logged-in user performing the operation becomes the owner of the resulting object(s). Note that simply moving or renaming an object does not change its ownership.

Ownership is most important for Zope objects that "execute" content supplied through the web, such as DTML Methods, DTML Documents and SQL Methods. The abilities of these executable objects are constrained by the abilities of the object's owner as well as the user causing the object to execute from a Zope security point of view. In other words, an executable cannot perform operations that its owner could not perform directly.

While most Zope objects support ownership, objects may not always have an owner assigned. Objects that do not have an assigned owner are unowned. An unowned executable object executes with the permissions of the user running the object.

It is possible to remove a user in your Zope installation while objects that were owned by that user remain (for instance, someone in your organization moves on, so you remove his account on your Zope server). When you remove a Zope user, objects that were owned by that user still have ownership information that refers to that user. This will not cause an error, but it is important to understand what happens to Zope objects whose owners no longer exist. This is most important for "executable" objects. Usually, the abilities of executable objects are constrained by the abilities of the object's owner as well as the user causing the object to execute. If Zope cannot find the user that the executable's ownership information refers to when it tries to execute the object, it will use the special nobody or anonymous user instead. The nobody user has very minimal privileges, so you should take this into account when deciding what to do about a user's owned objects when you delete the user. If the user had DTML documents or other executable objects that depended upon their owner to have a higher level of privilege than the nobody user, they will not work correctly until their ownership has been reassigned to another user with sufficient privileges.

Controls

Take ownership
Gives you ownership of this object.

**Note: For this operation you have the Take ownership role.**

Also take ownership of all sub-objects
Gives you ownership of all the current object's sub-objects when you take ownership of the current object. Normally you should leave this option checked.