From: Jeff D. <da...@da...> - 2002-10-05 02:46:08
My random comments...

> Then each action needs a central permission check in main().
> For display, save/remove and various other executable plugins.
> I would move the basic read/write checks from main() to the WikiDB
> level.

I'd leave it where it is, I think. It's the WikiDB's job to tell you the owner and protection mode (which it already does via meta-data).

> Then we have to enhance requiredAuthority ($action) to
> requiredAuthority ($action, $page),

That seems fine. Except that requiredAuthority is a method of WikiRequest which already knows the $page, I think....

> 1)
> "SELECT groupname FROM $user_group_tbl WHERE username=$username"
>
> vs.
>
> 2) (Group data in wiki pages)

> In #1 there is one DB call and in #2 there will be 1+N DB calls (where N
> is the number of groups). #2 is not going to scale up very well.

#1 requires an SQL backend as well as modifications to WikiDB (or a separate interface to the SQL db). There are speed issues with #2, but I don't think they're as bad as Joby says. Each page belongs to only one group, so for a given access we only have to check for membership in a single group --- not all groups...