[Slashcode-development] The ACL debate conclusion

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

El 09 Jun 2001 03:33:18 -0700, Brian Aker escribió:
> Alvaro del Castillo wrote:
> > and admin plugin rol. We can have an ACL that controls this. It could be
> > a good idea to test the ACL system with this simple plugin to learn the
> > possibilities of the ACL system ;-) If not, we can use the seclev
> > system. To activate a plugin you need to have more that 5000 or 10000.
> You know, I can not remember where we ended up with the debate on ACL's.
> Pudge, do you remember?

I can ;-) But the actual solution is different:

- A plugin for ACLs with the ACL functions
- A plugin AdminACL that use this library

Chris Nandor wrote:
> Yeah, I was thinking about something very similar at one point, and
think
> this is a nice idea.  I wonder, though, if maybe users_param would be
a
> better user of this?  So instead of:
I would keep it out of users_param, but use the same schema. 

> Or, alternatively, implement users_acl _as_ a param-style table.  The
> problem, of course, is that we could have dozens of types of
permissions,
> and it is easier to just insert a new value than it is to change the
schema
> each time you want to add a new one (and this would make it more
easily
> extensible via the admin interface, too).  Also, a table with a few
dozen
> fields could be slower and more bloated.
The param style table is actually pretty quick for look ups. 

If the schema was modified to resemble a param table and we had patches
for getUser() and setUser() I would probably be all for including it.

It might be nice also to have a seperate table which described param's
currently in use.
        -Brian

-- Alvaro