[Phplib-users] preexisting perm integration
From: Michael B. <bon...@fi...> - 2001-08-24 09:13:07
Hi,
apart from the auth and user problem we have to keep in mind that there
are different approaches to perm.
At present phplib has a level-based perm policy. Think about an object
based perm policy.
E.g. a discussion board software with different boards. You have at least
2 object types: board and boardmessages.
The boardmessages live in the context of their board. You have different
privs on these objects, e.g.
bboard_create_forum
bboard_create_message
bboard_write_forum
bboard_write_message
bboard_read_forum
bboard_read_message
bboard_delete_forum
bboard_delete_message
bboard_moderate_forum
Assume you have different boards (board1 and board2).
board1 is moderated by user1, every user can read, create, write a message
but only the owner and moderator can delete a message.
user1 gets all priv. above on board1. All msgs of board1 live in the
context of board1 so these objects inherit the privs of board1 => the
moderator is able to delete all msgs of board1.
Other users have the common privs
bboard_read_forum, bboard_read_message, bboard_write_message.
'bboard_delete_message' is assigned only to their own msgs.
board2 is moderated by user2 ...
This example shows that permission is a little bit more complex than
level based.
'Can this party perform this operation on this target'.
There could also be other approaches to perm.
I think phplib should be open to integrate 'preexisting perms', too.
bye Michael
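
The board1/board2 model from the message above, written out as an added example (not part of the original post and not PHPLib code). The class ObjectPerm, its methods, the '*' pseudo-party for "every user", and the ids msg1, msg2, user3 and user4 are assumptions made for illustration. A privilege granted on a board is inherited by every object that lives in that board's context, unknown targets are denied, and a loop in the context chain cannot hang the check.

```php
<?php
// Added illustration; ObjectPerm and its methods are hypothetical, not PHPLib API.
final class ObjectPerm
{
    private array $context = []; // object id => id of the object it lives in (or null)
    private array $grants = [];  // object id => party => priv => true

    public function addObject(string $id, ?string $context = null): void
    {
        $this->context[$id] = $context;
    }

    public function grant(string $party, string $priv, string $object): void
    {
        $this->grants[$object][$party][$priv] = true;
    }

    // "Can this party perform this operation on this target?"
    public function can(string $party, string $priv, string $target): bool
    {
        if (!array_key_exists($target, $this->context)) {
            return false; // unknown target: deny by default
        }
        $seen = []; // guards against a loop in the context chain
        for ($o = $target; $o !== null && !isset($seen[$o]); $o = $this->context[$o] ?? null) {
            $seen[$o] = true;
            // '*' is an assumed pseudo-party meaning "every user"
            if (isset($this->grants[$o][$party][$priv]) || isset($this->grants[$o]['*'][$priv])) {
                return true; // granted on this object or inherited from its context
            }
        }
        return false;
    }
}

// Constructed sample data following the board1/board2 description.
$perm = new ObjectPerm();
$perm->addObject('board1');
$perm->addObject('board2');
$perm->addObject('msg1', 'board1'); // written by user3
$perm->addObject('msg2', 'board2');
// Moderator privs on board1 (a subset of the list, for brevity).
foreach (['bboard_moderate_forum', 'bboard_delete_message'] as $p) $perm->grant('user1', $p, 'board1');
foreach (['bboard_read_forum', 'bboard_read_message', 'bboard_write_message'] as $p) $perm->grant('*', $p, 'board1');
$perm->grant('user3', 'bboard_delete_message', 'msg1'); // owner: own message only

foreach ([['user1', 'msg1'], ['user3', 'msg1'], ['user4', 'msg1'], ['user1', 'msg2']] as [$u, $t]) {
    printf("%s delete %s: %s\n", $u, $t, $perm->can($u, 'bboard_delete_message', $t) ? 'allow' : 'deny');
}
```

The four checks cover the moderator acting through inheritance, the owner acting on an own message, an ordinary user, and the board1 moderator reaching into board2.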