RE: [Phplib-users] handle perm in auth
Brought to you by:
nhruby,
richardarcher
Menu
▾
▴
RE: [Phplib-users] handle perm in auth
|
From: Rob H. <rob...@ws...> - 2002-10-10 00:15:04
|
WARNING FEATURE REQUEST FEATURE REQUEST!!!!!!
Gian,
I have seen several apps lately (especially content management apps) that
require different perms per page. I was going to suggest a perm extension
something like page_open('perms' => 'perPagePerms('identifier')); that
would set permissions on a per page or module or whatever basis. Can you
have that done by tomarrow? ;-)
Rob Hutton
Web Safe
www.wsafe.com
**********************************************************************
Introducing Symantec Client Security - Integrated Anti-Virus,
Firewall, and Intrusion Detection for the Client.
Learn more:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=2&PID=11624271
View our Symantec Client Security Demo:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=3&PID=11624271
Download the Symantec Client Security Fact Sheet:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=4&PID=11624271
Download the Symantec Client Security Brochure:
http://enterprisesecurity.symantec.com/symes238.cfm?JID=5&PID=11624271
> -----Original Message-----
> From: php...@li...
> [mailto:php...@li...]On Behalf Of Giancarlo
> Sent: Wednesday, October 09, 2002 7:42 PM
> To: phplib-users
> Subject: [Phplib-users] handle perm in auth
>
>
> you know, the perm stuff was added later to phplib. And there are
> in fatc two
> ways of working with phplib: auth check is dome at the obj start,
> perm has to
> be checked in the page eventually. auth is start-checked, perm has to be
> post-checked.
>
> So imagine the possibility of handling perm->has_the_moon within your
> extended auth class methods... It is an alternative anyway,
> something that
> with the new design becomes possible.
>
> I propose you these two pieces, one of the actual page.inc
> (snapshot), and
> the other of tomorrow's. There is infact no difference in the
> flow, just a
> lot of development doors open, eg by extending the lifetime
> concept from an
> unique general value, to something related to the permissions.
> Ofcourse, we could also add a new $perm->check_expire functionality, and
> place it everywhere needed, but...the auth[exp] is broken logic
> also, because
> it doesn't tell us the expire that was calculated on, and this
> new snapshot
> coming out is ready for this new fubctionality.
>
> With this I think the circle is really closed, and I am surprised
> myself how
> many things went right and how this all in fact changes nothing
> in the usual
> usage.
>
> Maybe an interesting discussion.
>
> Will work on this, thanks all
>
> Gian
>
>
>
> <snip>
> I attach you a page inc that perfectly works with the latest snapshot.
>
> The revolution is that the perm object can be started before the
> auth object
> is started, even though after it has been instantiated.
> This is perfectly functional, an allows further, optional,
> development and
> usage
> I attach a commented version of a part of it. I'd wait for this,
> although it
> has no practical differences but just opens doors.
>
> I hope I am not getting a crab with this..
>
>
> ----------old (snapshot) page.inc--------------------------------
> # the auth feature depends on sess
> if (isset($feature["auth"])) {
> global $auth;
>
> if (!is_object($auth)) {
> $auth = new $feature["auth"];
> }
> $auth->start();
> ####################################################
> ## start does not rely on the perm obj anyway
> ## start does not set any of his auth[perm] values, except,
> ## if not authed, start() will clear his auth[perm],
> splash and exit
> ## this is the only action of auth on its own auth[perm]
> ####################################################
> # the perm feature depends on auth and sess
> if (isset($feature["perm"])) {
> global $perm;
>
> if (!is_object($perm)) {
> $perm = new $feature["perm"];
> }
> }
>
> # the user feature depends on auth and sess
> ...
>
> ---------new page.inc------------------------------------------------
>
> # the auth feature depends on sess
> if (isset($feature["auth"])) {
> global $auth;
> if (is_object($auth))
> $auth= $auth->check_feature($feature["auth"]);
> else
> $auth = new $feature["auth"];
>
> #########################################
> # the perm object is started if requested
> #########################################
> # the perm feature depends on auth and sess
> if (isset($feature["perm"])) {
> global $perm;
>
> if (!is_object($perm)) {
> $perm = new $feature["perm"];
> }
> }
>
> ####################################################
> ## start does not rely on the perm obj
> ## start does not set anyof his auth[perm] values, except,
> ## if not authed, start() will clear his auth[perm],
> splash and exit
> ## this is the only action of auth on its own auth[perm]
> ####################################################
> ## ***** BUT WE CAN CHECK STUFF FROM PERM,
> ## eg assign different auth->lifetime for different perms ******
> ## ***** in is_authenticated/check_expire
> ########################################################
>
> if (!$auth->start() ) { ### user is not authenticated, nobody
> if (!$auth->nobody) { ### page cannot be seen by
> unauthed users
> page_showform(); ### splash the form
> $sess->freeze(); ### save state
> exit;
> }
> }
>
> # the user feature depends on auth and sess
> ...
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Phplib-users mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phplib-users
>
>
|
