Re: [Tsheetx-developers] security model

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

My feedback: it looks very complicated, for something that at the moment is relatively simple.
So does it justify introducing a lot of code, and bugs, for the feature that it brings (finer user access control)?

Date: Thu, 17 Feb 2011 09:32:57 +0000
From: ma...@rw...
To: tsh...@li...
Subject: Re: [Tsheetx-developers] [SPAM] Re: security model

Hi Peter, 

The privilege levels i.e. user, reporter, manager, administrator would be created as different user groups.  A user can be a member of several groups.

so
user table:
1 admin
2 joe bloggs
3. test user

user group table:
guest
user
reporter
manager
admin

user group assignment
admin -> administrator
admin -> manager
joe blogs ->user
joe blogs ->report
test user ->user
test user ->report

privilege table:
1. monthly,view
2. stopwatch, view
3. clockings, edit
4. reports, view 

privilege assignment:
reporter -> 4 (reports,view) granted
user ->1 (...) granted
user ->2 granted
manager ->3 granted
test user ->4 denied

If a request to access an area that hasn't been defined in a users access control list then it is a denied access.
If a user is denied access at any point that is it.  Denied.  i.e. test user above is granted access to reports through the reports group but
is denied access on a specific user basis.  Therefore he is denied access.  A deny should always overrule an allow in my opinion.

The (monthly, view) bit is just a way of allowing pseudo groups of privileges to exist so that they can be searched more easily. The fact that
it is two fields 'monthly', 'view' has no real effect.

In terms of default user groups this would be configured.  An unlogged in user is part of the group guest.  A new signup is part of the group user.
So therefore I would add an extra group above 'tsx_users' so that a new signup has to request access to be able to start using the timesheet functions.  Alternatively an admin could register a new user and give them access straight away.

Please could I have some feedback on my proposed update?

Regards
Mark Wrightson