I'm sort of mulling the SimpleWeb changes over in my head while I'm doing other things at work, and figured I'd get some of them out while they're in there so I don't forget and can concentrate better I'm what I'm doing.
Okay, so what I'm thinking about is adding a weblogging and commenting piece into SimpleWeb. I'm not trying to duplicate Slashcode or Zope, but I want something similar (but a lot easier to maintain and use). The first thought is that I could easily add a blog front page. Think of a weblog calendar as a different type of "view" to the data than a wiki, which really doesn't have traditional views. Really the only difference between a blog-post and a wiki-page is that the former is referred to by date and the latter is referred to by name. So that's easy to do.
Here's the step I'm wondering about: Access control. I've been thinking about adding this to SimpleWeb for a while. But it can be a trap. I can easily add a binary "public editable or private" option to each page, but security is a bugaboo that you can spend all your life on with all the granular levels of viewable/editable/groups/roles etc... I'm not trying to duplicate Notes either. But it would be nice to let each user create their own blog and pages that are only their's to edit, but all using the same linked Wiki system (a blog post is a wiki page and vice versa).
The question is, how do I set up a simple Access Control which will allow you and your designated editors edit a page without needing a full-on security system? What about comments, anonymous users, etc. etc. There has to be some Zen way to do this without being psychotically complex.