Allen Gilliland wrote:
i also like that you've redone the permission table, which seems to
simplify things as well, but can we carry that on from my suggestion
above and just store all permission data in that table, including
roles and weblog permissions? would that work?
this way if you add all of that up we are greatly reducing the
security framework into these methods ...
public boolean checkPermission(RollerPermission perm, User user);
public void grantPermission(RollerPermission perm, User user);
public void revokePermission(RollerPermission perm, User user);
public List<RollerPermission> getPermissions(User user);
is that feasible?
Hi,
Just a couple of notes:
. I've discovered that the Lulu equivalent of checkPermission() has
a big weakness: when permission is denied, there's no way to indicate to
the user why. It'd be nice to think how the authz framework could
indicate "server is down" versus "the administrator thinks you are a
schmo", so that the user has more information beyond being told "You are
not allowed to do that."
. Also note that the possible outcome of permission checking could
conceivably go beyond "allowed" or "denied". For example, if a user is
trying to post a comment to a blog post, "requires_moderator_approval"
is a valid checkPermission() result in addition to "allowed" and
"denied". So it might make sense to return a PermissionResultCode
instead of just a bool. I can't think of any other permissions checking
result codes that might be needed beyond these three, but it's worth
allowing for.
. grantPermission & revokePermission may be combined into one
routine: setPermission(RollerPermission perm, User user,
PermissionResultCode result_code). If the authz framework needs to
execute actions when a permission is changed, it can do that work itself.
. getPermissions() (and to some extent grantPermission &
revokePermission) may not work in situations where the result of
checkPermission() is a calculated result rather than a stored value.
Just want to clarify whether grant/revoke/getPermissions will be called
except in the Roller UI for editing permissions...
Best,
-- Elliot
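
Added example, not part of the original thread and not Roller code: a Java sketch of a permission check that returns a result code with a reason instead of a boolean, and that separates stored grants from calculated outcomes. PermissionResultCode and setPermission follow the names used in the message; Decision, Reason, Authorizer, storeUp and the string keys standing in for RollerPermission and User are hypothetical.

```java
import java.util.*;

// Added sketch (Java 16+). All types are hypothetical stand-ins, not Roller code.
public class AuthzSketch {
    enum PermissionResultCode { ALLOWED, DENIED, REQUIRES_MODERATOR_APPROVAL }
    enum Reason { GRANTED, NOT_GRANTED, MODERATION_REQUIRED, STORE_UNAVAILABLE }
    record Decision(PermissionResultCode code, Reason reason) {}

    static class Authorizer {
        final Map<String, PermissionResultCode> stored = new HashMap<>();
        final Set<String> moderatedWeblogs = new HashSet<>();
        boolean storeUp = true; // constructed switch simulating a backend outage

        private static String key(String user, String action, String weblog) {
            return user + "|" + action + "|" + weblog;
        }

        // One setter instead of grant/revoke: DENIED removes the stored row.
        void setPermission(String user, String action, String weblog,
                           PermissionResultCode code) {
            if (code == PermissionResultCode.DENIED) stored.remove(key(user, action, weblog));
            else stored.put(key(user, action, weblog), code);
        }

        Decision checkPermission(String user, String action, String weblog) {
            if (!storeUp) // fail closed, but keep the cause distinguishable
                return new Decision(PermissionResultCode.DENIED, Reason.STORE_UNAVAILABLE);
            PermissionResultCode code = stored.get(key(user, action, weblog));
            if (code == null)
                return new Decision(PermissionResultCode.DENIED, Reason.NOT_GRANTED);
            // Calculated outcome: derived from weblog state, never stored as a row.
            if (action.equals("comment") && moderatedWeblogs.contains(weblog))
                code = PermissionResultCode.REQUIRES_MODERATOR_APPROVAL;
            return new Decision(code, code == PermissionResultCode.ALLOWED
                    ? Reason.GRANTED : Reason.MODERATION_REQUIRED);
        }
    }

    public static void main(String[] args) {
        Authorizer authz = new Authorizer();
        authz.setPermission("alice", "comment", "blog1", PermissionResultCode.ALLOWED);
        System.out.println(authz.checkPermission("alice", "comment", "blog1"));
        authz.moderatedWeblogs.add("blog1");
        System.out.println(authz.checkPermission("alice", "comment", "blog1"));
        System.out.println("stored view: " + authz.stored); // differs from effective result
        System.out.println(authz.checkPermission("bob", "comment", "blog1"));
        authz.storeUp = false;
        System.out.println(authz.checkPermission("alice", "comment", "blog1"));
    }
}
```

The outage case still denies access; only the reason differs, so the UI can report a server problem without the check ever failing open.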