*.xml

Martin Bartosch Fri, 25 Feb 2005 07:27:11 -0800

Hi,

[XML stuff]
> I recommend to throw away this stuff an replace it by a simpler
> solution. The commands are always loaded. So why do we do not using
> them? I have the following idea:
>
> Example: OpenCA::Server::Command::insert_csr.pm
>
> $AC::operation = "csr insertion";
> $AC::owner = "REQUEST";
>
> The operation is the same like the today's XML tag operation. Owner is a
> simplification with a more powerful logic. If the value is an OBJECT
> CLASS (like REQUEST) then we use the parameter KEY to load the object
> from the database and take the role from the loaded object (e.g.
> approve_csr). If the value is ROLE then we use the parameter role to
> read the role from it (e.g. insert_csr). If the value is empty then
> there is no role.


sounds good. So later on there would be a simple check

$AC::check_authorization() || return undef;

or similar, right?

Martin



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel

Re: [OpenCA-Devel] etc/rbac/cmds/*.xml

Reply via email to