Andreas Hartmann wrote:
> Jörn Nettingsmeier wrote:
>> hi *!
>> while i'm preparing a patch to change usecase policies to
>> deny-by-default, it occurred to me that we need to modularize default
>> usecase policies...
>> how hard will it be to implement the following:
>> * every module that contains usecases must also contain a
>>   config/ac/usecase-policies.xml
>
> -1
> IMO the access control should be up to the publication. The module should
> not decide if a usecase is protected - it doesn't even know in which
> context (i.e. in which publication) it is used.

that's certainly true. and there is also the problem that modules do not
know which roles are defined in the publication.
but it's not as bad as it sounds: most if not all of the usecases we
have are only used in a single security context, so it should be rare
that a user will not be able to work with the default setting.
the issue remains: with a deny-by-default, a lenya user has to find out
about all usecases in all modules and create appropriate policy entries,
otherwise nothing will work.
this is a grave usability problem, which imho even outweighs your
(perfectly valid) concerns...
i'd suggest that we define a standard set of roles that is "core"
functionality. we also mandate that each module define default usecase
policies based on these core roles.
if a user wants to roll her/his own, they may do so, but then
they are on their own.. :)
alternatively, modules could patch empty policies for their usecases
into all publications that use them at build time:
<usecase id="whizbangmodule.transmogrifyHyperspace"><role id=""/></usecase>
then we can add documentation that users must take care of those
policies, and they will easily be able to add them.
--
"Open source takes the bullshit out of software."
- Charles Ferguson on TechnologyReview.com
--
Jörn Nettingsmeier, EDV-Administrator
Institut für Politikwissenschaft
Universität Duisburg-Essen, Standort Duisburg
Mail: [EMAIL PROTECTED], Telefon: 0203/379-2736
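
The build-time patching proposed at the end of the message above, sketched as an added example (not part of the original post and not Lenya code): every usecase a module declares gets an empty-role stub in the publication's policy file unless the publication already has an entry, and the script lists the usecases that still have no role. The `<usecases>` root element, the module names, the `site.*` ids, the `edit` role and the function name `patch_policies` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a publication's policy file. The <usecases> root is an
# assumption; only the <usecase>/<role> element shape comes from the thread.
PUBLICATION_POLICIES = """<usecases>
  <usecase id="site.create"><role id="edit"/></usecase>
  <usecase id="whizbangmodule.transmogrifyHyperspace"><role id=""/></usecase>
</usecases>"""

# Constructed sample: usecase ids declared by the modules a publication uses.
MODULE_USECASES = {
    "sitemanagement": ["site.create", "site.delete"],
    "whizbangmodule": ["whizbangmodule.transmogrifyHyperspace"],
}


def patch_policies(policy_xml, module_usecases):
    """Add an empty-role stub for every module usecase the publication lacks.

    Existing entries are never touched, so the publication keeps control of
    who may run what. Returns (patched_xml, added_ids, unassigned_ids).
    """
    root = ET.fromstring(policy_xml)
    known = {u.get("id"): u for u in root.findall("usecase")}
    added = []
    for module in sorted(module_usecases):
        for usecase_id in module_usecases[module]:
            if usecase_id in known:
                continue  # the publication's own decision wins
            stub = ET.SubElement(root, "usecase", {"id": usecase_id})
            ET.SubElement(stub, "role", {"id": ""})
            known[usecase_id] = stub
            added.append(usecase_id)
    # Assumption: under deny-by-default, a usecase whose only role ids are
    # empty is usable by nobody until someone fills in a role.
    unassigned = sorted(
        uid for uid, u in known.items()
        if not any(r.get("id", "").strip() for r in u.findall("role"))
    )
    return ET.tostring(root, encoding="unicode"), added, unassigned


if __name__ == "__main__":
    xml_out, added, unassigned = patch_policies(PUBLICATION_POLICIES, MODULE_USECASES)
    print(xml_out)
    print("stubs added:", added)
    print("still denied to everyone:", unassigned)
```

Running the patch a second time adds nothing, so it can sit in every build without overwriting roles a publication has already assigned.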