Re: [Slashcode-development] ACLs for slashcode

[Chris N. <pu...@po...>]

At 08:26 +0100 2001.03.10, Alvaro del Castillo wrote:
>mysql> desc users_acl;
>+-----------------+---------+------+-----+---------+-------+
>| Field           | Type    | Null | Key | Default | Extra |
>+-----------------+---------+------+-----+---------+-------+
>| uid             | int(11) |      | PRI | 0       |       |
>| op_insert_index | text    | YES  |     | NULL    |       |
>| op_delete_index | text    | YES  |     | NULL    |       |
>| op_admin_index  | text    | YES  |     | NULL    |       |
>+-----------------+---------+------+-----+---------+-------+
>
>
>At the moment we only need to control this three operations, but the
>scheme can be expanded easily.
>
>When a user reach the site, in the users object we also put the ACLs. So
>in $user->{op_insert_index} appear all the sections in which the user
>can
>insert stories. An so on with the other operations.

Yeah, I was thinking about something very similar at one point, and think
this is a nice idea.  I wonder, though, if maybe users_param would be a
better user of this?  So instead of:

>mysql> select op_insert_index from users_acl where uid=45;

You would have:

  select value from users_param where uid = 45 and name = 'op_insert_index';

Or, alternatively, implement users_acl _as_ a param-style table.  The
problem, of course, is that we could have dozens of types of permissions,
and it is easier to just insert a new value than it is to change the schema
each time you want to add a new one (and this would make it more easily
extensible via the admin interface, too).  Also, a table with a few dozen
fields could be slower and more bloated.

-- 
Chris Nandor                      pu...@po...    http://pudge.net/
Open Source Development Network    pu...@os...     http://osdn.com/