Menu
▾
▴
Re: [Erlhive-devel] Newbie questions on file system/rdbms support
|
From: Ulf W. <ul...@wi...> - 2007-01-29 07:46:02
|
Den 2007-01-28 05:27:10 skrev Caoyuan Deng <dca...@gm...>:
> As erlhive has supported privilege on {class, scalar | array | stream
> | module}, what I meant was fetching all exported functions of a
> module, and treat them as one of {class, scalar | array | stream |
> module} (or another class: function?), user can then define
> public/private area on them. When compile this module, inject guard
> code according to the 'area'. Thus, the function level access control
> can be supported.
Well, in Erlang, the identity of a function is determined by
its module context, so lists:foldl() and ets:foldl() are
decidedly different functions, and there is no separately
managed thing called (in this case) foldl(). While one could
invent a way to treat a function as a self-contained object,
I'm afraid to put too much weirdness into erlhive. (:
> BTW, for most community web applications, group level access
> control is very important, although we can plug-in it, maybe
> it's better supported natively?
In the great rewrite, not yet committed to the repository,
I've restructured the handling of environment data so that
it would be quite easy to add group membership as well.
I'm thinking of replacing the functions
erlhive.user:auth(), erlhive.user:owner(), etc.
with erlhive.user:env(Name), where Name =3D owner | auth |
caller, etc. and perhaps also group.
There would of course be some increased overhead when the
environment record is initialized (basically, each time
another module is called), but it may not be noticeable.
BR,
Ulf W
-- =
Ulf Wiger
|