Re: [Openinteract-help] Security in CommonHandler

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

* Tho...@be... (Tho...@be...) [011211 10:57]:
> Is it possible to set the other forms secure like the search_form as
> done below ?

Sure thing -- each 'task' can be listed in the package 'security' hash
of your handler and assigned a minimum security level. So the
following security specification:

 %OpenInteract::Handler::Classified::security = (
  search_form => SEC_LEVEL_READ,
  search      => SEC_LEVEL_READ,
  show        => SEC_LEVEL_READ,
  create      => SEC_LEVEL_WRITE,
  edit        => SEC_LEVEL_WRITE,
  remove      => SEC_LEVEL_WRITE,
 );

Means that:

 /Classified/search_form/ --> requires 'read' access to the handler
 /Classified/search/      --> requires 'read' access to the handler
 /Classified/show/        --> requires 'read' access to the handler
 /Classified/create/      --> requires 'write' access to the handler
 /Classified/edit/        --> requires 'write' access to the handler
 /Classified/remove/      --> requires 'write' access to the handler

Using:

 %OpenInteract::Handler::Classified::security = (
  DEFAULT_SECURITY_KEY() => SEC_LEVEL_READ,
 );

Means that the minimum security for any task not specified is
'read'. And if a task isn't specified in the package security hash and
there's no default set by you, then OpenInteract assumes 'write'
access is required to run the task.

Hope that makes sense,

Chris

-- 
Chris Winters (ch...@cw...)
Building enterprise-capable snack solutions since 1988.