Menu
▾
▴
Re: [binarycloud-dev] Permissions?
|
From: Benjamin D. S. <be...@be...> - 2001-06-30 18:10:42
|
Let's say that we have an application that handles files uploaded/downloaded
from a web site.
Users can create directories if they want, from within the browser.
We have different kinds of users - administrators, and users, for example.
Everybody can see the "object permissions" page, and see what the permissions
are for an object they'd like to download.
But, the owner of the object (who uploaded it) and administrators get
additional functionality on this "object permissions" page - they can modify
the permission set as well as view it. (so an extra button automagically
appears, and instead of listing the permissions, checkboxes are displayed)
Additionally, the administrator should have a UI whereby he/she can grant
administrative priveledges to the "object permissions" page.
So, we have:
1) permissions to the page ("object permissions")
2) permissions to portions of the page (set permissions vs view permissions)
3) permissions to the managed object (the things the site manages)
4) of at least two distinct types (files uploaded, directories)
5) A means for administrators to grant permissions to other users to the
"object permissions" page. (and presumably other pages as well)
Does this paint a scenario that makes the needs clear? I can think of several
potential applications where this type of fairly advanced permissions
structure might apply.
-Ben
On Friday 29 June 2001 18:42, you wrote:
> > I need something that can handle:
> > 1) Permission to view the page;
>
> got it.
>
> > 2) permission to view part of a page;
>
> do you mean module?
> we have permissions for entity operations, but not modules. that is
> intentional because modules can both be aware of the permission context,
> and if you use entitymanager, are governed by Entity Operations.
>
> > 3) permission to view target items handled by a page;
>
> I need a more detailed explanation of this.
>
> > 4) of multiple types (files, directories, messages, etc)
>
> perms only controls access to pages processed by php in htdocs - but does
> it globally for that.
>
> > 5) that can be assigned on the fly and re-assigned as needed without
> > making the user get a PHD in how to use the system.
>
> We'll most likely have an editor for it, and all the files are xml and
> pretty simple.
>
> > Something I've ben struggling with for a while now.
>
> If you can describe the couple up there that I'm not clear on, I'll give
> you a complete picture.
>
>
> _alex
>
> > -Ben
> >
> > On Friday 29 June 2001 17:43, you wrote:
> >>> I have a rather large, complicated project, and am waiting for the
> >>> permissions information for r2. Doesn't appear that this has been
> >>> updated in the spec - What is the final goal for this stuff?
> >>
> >> it's getting there, that's the secon major piece of core to be done.
> >>
> >> I can tell you that unless you're doing something _really_ esoteric, the
> >> infrastructure we'll have will ddo what you need :)
> >>
> >> Can you give me an idea of some specific requirements that I can speak
> >> to?
> >>
> >> _alex
> >>
> >>> -Ben
> >>
> >> --
> >> alex black, ceo
> >> en...@tu...
> >>
> >> the turing studio, inc.
> >> http://www.turingstudio.com
> >>
> >> vox+510.666.0074
> >> fax+510.666.0093
> >>
> >>
> >>
> >> _______________________________________________
> >> binarycloud-dev mailing list
> >> bin...@li...
> >> http://lists.sourceforge.net/lists/listinfo/binarycloud-dev
>
> --
> alex black, ceo
> en...@tu...
>
> the turing studio, inc.
> http://www.turingstudio.com
>
> vox+510.666.0074
> fax+510.666.0093
>
>
>
> _______________________________________________
> binarycloud-dev mailing list
> bin...@li...
> http://lists.sourceforge.net/lists/listinfo/binarycloud-dev
--
"Life is short. Live it!"
|
