Hi!
On Sep 21, 2009, at 11:10 AM, Ronald Bradford wrote:
What I am unclear of is the policy or thought for user permissions
within Drizzle after user authentication. I'd consider this an
important packaging requirement but I am unclear if anything is
defined for Bell. I will give you a clear example.
How do you plan to restrict users to not creating or altering
objects for example?
How do you plan to restrict users to read only verses read write?
We have authentication right now, we need to add a hook for access and
authorization.
Authorization is what you are asking about... aka do I have CREATE/
SELECT/etc permission.
Access is do I have it to this schema, table, column, etc.
The point for authentication in the system is fairly simple to add,
the one for access is a bit more difficult.
For any of the above the Session object should be used (since it
represents the state of the session for a given query). Better API
would be nice :)
Cheers,
-Brian
_______________________________________________
Mailing list: https://launchpad.net/~drizzle-discuss
Post to : [email protected]
Unsubscribe : https://launchpad.net/~drizzle-discuss
More help : https://help.launchpad.net/ListHelp
