Menu
▾
▴
Re: [Slashcode-development] ACLs for slashcode
|
From: Alvaro d. C. <ac...@ba...> - 2001-03-13 07:43:41
|
Brian Aker wrote: > > Alvaro del Castillo wrote: > > If we use the users_param table we don't need to touch getUser and > > setUser, > > no? > True, you could. The only thing that would be left is a table describing > the ACL. > The only thing I worry about is that users_param is a type of text, > which could be slow for very large sites. Which is why you might want > to have a separate table. Course, the table is entirely indexed. > Just put it in users_param, if it turns out to be a performance > issue it will be easy to fix. > > > The changes are reduced to modify the ACL functions that I have included > > in Slash.pm. Is it the correct place? This changes are minimal. > Well, the ACL functions should be in Slash::Utility. This is the first place where I put them. But the I see that I need to access Slash::DB in this functions and this library is not used in Slash::Utility. remove and add ACLs need to access setUser and getUser which are in the Slash::DB API. So the only place where I found that I can put this functions was Slash.pm. I see that in 1.1.5 admin.pl is now a Plugin. If we follow this idea we can start to work in a new "admin" plugin that uses only ACLs. When this plugin is ok, the slashcode user can choose between the ACLs and the seclev versions. But as you have said, we need only one access control model in the future. It could be cool to have more that one access control system using plugins, but i think that with ACLs we can do everything that is described now with the seclev concept and many other things. Bye -- Alvaro > _______________________________________________ > Slashcode-development mailing list > Sla...@li... > http://lists.sourceforge.net/lists/listinfo/slashcode-development -- =================================================== Alvaro del Castillo San Félix ac...@ba... Barrapunto.com |
