From: Martin B. <vc...@cy...> - 2005-02-25 15:03:39
|
Hi, [XML stuff] > I recommend to throw away this stuff an replace it by a simpler > solution. The commands are always loaded. So why do we do not using > them? I have the following idea: > > Example: OpenCA::Server::Command::insert_csr.pm > > $AC::operation =3D "csr insertion"; > $AC::owner =3D "REQUEST"; > > The operation is the same like the today's XML tag operation. Owner is = a > simplification with a more powerful logic. If the value is an OBJECT > CLASS (like REQUEST) then we use the parameter KEY to load the object > from the database and take the role from the loaded object (e.g. > approve_csr). If the value is ROLE then we use the parameter role to > read the role from it (e.g. insert_csr). If the value is empty then > there is no role. sounds good. So later on there would be a simple check $AC::check_authorization() || return undef; or similar, right? Martin |