> the security service object is very tightly tied to the user and to the > object in that it is necessary to know how to check for rights and > permissions which is usually not good either.
Yeah, in some ways. However, better to have top-down coupling than bottom-up or lateral coupling. Just like you can't expect your controller to function without a service layer, you can't expect your service layer to operate without a security system, and you can't expect your security system to operate without user information. What I'm saying is that the user information and the security system are different, and modelling it that way. But you're exactly right, there is rarely a 'perfect' solution, especially one that presents itself during the design phase. OO modeling is a very iterative process, the first few iterations can be done with pencil and paper, or a UML tool with great success, but you'll never get to perfection that way, unless you're a friggin' genius. At some point you have to start coding and see what's not quite right, and then fix it. Think of how a car manufacturer does a new model. A lot of time is spent with designers and CAD software, but at some point they build a couple cars, play with them, and make more tweaks, sometimes dramatic ones. Eventually you get your new, close to perfect, car from the assembly line, but there's a lot of work to get to that point. I heard somewhere that it cost GM like $10 billion (yeah, billion) to go from idea to first car of the line for a new model. And apologies for the double post, I didn't see the second one come in until after I'd sent the first one. cheers, barneyb On Thu, 10 Mar 2005 13:34:27 -0600, Jeff Chastain <[EMAIL PROTECTED]> wrote: > > I like this, but then it poses another OO question. By going this route, > the security service object is very tightly tied to the user and to the > object in that it is necessary to know how to check for rights and > permissions which is usually not good either. > > While I like this approach, it is not perfect in the OO sense either. I am > getting the feeling that there is not a 'good solution' in the OO sense for > this as no matter which path you take, you are going to end up breaking some > rule/best practice. Is that about right? > > Thanks > -- Jeff -- Barney Boisvert [EMAIL PROTECTED] 360.319.6145 http://www.barneyb.com/ Got Gmail? I have 50 invites. ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [email protected] with the words 'unsubscribe cfcdev' as the subject of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by CFXHosting (www.cfxhosting.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
