So, here is the jist of the brainstorm, with some almost code... what
do ya'll think?
Radiant ACL proposal (very rough!)
Step #1 Deal with Caching
Inject a method into show_page to call the authentication system. We
need to know what page is being rendered so that we can pull group
information. I propose passing the page as to the show page module to
facilitate this. At first, I would suggest that this only applies to
the admin pages. It would be pretty easy to allow pluggable user
modules to overwrite the base one, and you could add granular rights
to any page.
In our environment, even with small teams, there are certain pages
that only the leadership portion of the team should be able to view.
def show_page(page)
if authenticator(page.find.groups(:all))
render_page
else
render_login_error_page
end
end
def render_page
response.headers.delete('Cache-Control')
url = params[:url].to_s
if (request.get? || request.head?) and live? and
(@cache.response_cached?(url))
@cache.update_response(url, response, request)
@performed_render = true
else
show_uncached_page(url)
end
end
Step 2 - Validate Access
The authenticator would look something like this:
def authenticator(groups)
unless session[:id].nil?
user = User.find(session[:id])
effective_groups = user.find.groups & groups
for group in effective_groups
case group.rights
when 0 #denied access
redirect_to_login and return false
when 1 #read only
return true
when 2 #read and write
#some action to allow folks to edit
when 3 #read, write and grant
#some action to allow folks to edit, and add people to the ACL
end
else
if groups.include?(anon_group_id)
return true
else
return false
end
end
end
On Dec 21, 2007 7:37 AM, Greg <[EMAIL PROTECTED]> wrote:
> I am planning on putting a few hours into playing with this today - I
> will post my outcomes.
>
>
> On Dec 21, 2007 1:47 AM, Aitor Garay-Romero <[EMAIL PROTECTED]> wrote:
> > Currently there is no ACL support in Radiant. This has been proposed and
> > discussed in this list, search the archives.
> >
> > I have been brainstorming about this lately and i have some ideas for
> > working in a "security extension" in the future. I have done some UML
> > diagrams and pen-on-paper mocks of a possible UI, but nothing tangible yet.
> > Maybe in the next wave of energy+motivation...
> >
> > /AITOR
> >
> >
> > On Dec 19, 2007 6:00 PM, Rick Henderson <[EMAIL PROTECTED]> wrote:
> >
> > > Greetings all,
> > >
> > > New to Radiant and the community, but my hope is that my co-worker and I
> > > can contribute a lot to the project in the years to come.
> > >
> > > That being said, our first step is to develop a user extension for
> > > Radiant. We need the ability to add users and group security to our site
> > > pages.
> > >
> > > Has this been proposed, or worked on, yet? Are their any "hooks" in the
> > > code for doing this that we can leverage in making this extension?
> > >
> > > If there is no pre-positioned ability for this we thought about handling
> > > this through the use of a tag perhaps and then utilizing the inheritance
> > > of
> > > Radiant to pass down the security in the sections required.
> > >
> > > In closing, I just have to say that I love the simplicity and power of
> > > how
> > > Radiant is designed. It's organization allows for a very flexible system
> > > to
> > > be developed.
> > >
> > > Thanks for the hard work so far on this great project!
> > >
> > > - Mystic
> > > _______________________________________________
> > > Radiant mailing list
> > > Post: [email protected]
> > > Search: http://radiantcms.org/mailing-list/search/
> > > Site: http://lists.radiantcms.org/mailman/listinfo/radiant
> > >
> > _______________________________________________
> > Radiant mailing list
> > Post: [email protected]
> > Search: http://radiantcms.org/mailing-list/search/
> > Site: http://lists.radiantcms.org/mailman/listinfo/radiant
> >
>
>
>
> --
> Da Dukk, on the road again!
> http://www.NWGamers.org - for a good time!
> http://greg.nokes.name Ramblings from the Roost - For a Bad Time!
>
--
Da Dukk, on the road again!
http://www.NWGamers.org - for a good time!
http://greg.nokes.name Ramblings from the Roost - For a Bad Time!
_______________________________________________
Radiant mailing list
Post: [email protected]
Search: http://radiantcms.org/mailing-list/search/
Site: http://lists.radiantcms.org/mailman/listinfo/radiant
