Re: [Phplib-users] Giancarlo Pinerolo (pingus) auth patch
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
Re: [Phplib-users] Giancarlo Pinerolo (pingus) auth patch
|
From: Giancarlo P. <gia...@na...> - 2002-06-07 00:30:41
|
Layne Weathers wrote:
>
> > Layne Weathers wrote:
> > >
> > > > The perm->check feature I have to fix, to return
> > > > true/false instead of showing perminvalid (which was
> > > > absurd anyway, you'd want a login/register form instead)
> > >
> > > You don't have to 'fix' anything. That's exactly what
> > > $perm->have_perm() does. $perm->check() is a shortcut to test
> > > and then show perminvalid if have_perm() failed.
> > >
> > > No, it isn't absurd. The login/register form should be
> > > there if no valid $auth is in place. The perminvalid makes
> > > perfect sense if the user is already logged in and does not
> > > have permission to access the page. I assume that each user
> > > has only one user account,
> >
> > You can be wrong here
>
> I think I can deal with being wrong.
>
> However, even if users have multiple accounts, I believe there is a
> difference between the login/register page and the perminvalid page that
> explains the lack of permission and suggests that the user login at a higher
> level in the provided login form.
>
> To my mind, the person who is logged in already needs to see why they can't
> access the page. In your multiple accounts scenario, the person logging in
> for the first time might very well want to see what perms are necessary to
> use the page so they can login at the correct level. In your scenario the
> two pages are very similar, but in my scenario they aren't.
But no. The permivalid action can set whatever error message in
$auth->auth[error], even with the explanation that the page had before
(your perms are user, you eed admin...), and show the loginform
>
> In the end, I'm happy as long as I can get the functionality I want without
> entirely rewriting the class(es).
As you correctly pointed out to me, there's no need to rewrite anything
in perm, ($perm->have_perm('whatever') is alredy there.
Don't worry, I won't fix anything.
But when you write software, you know that is always a lot easyer to
make anything that's multiuser work as monouser, than vv.
So 'not knowing 'how to read nor how to write...' I choose that other
assumption.
Gian
|
