I've been doing some thinking on how one could provide an easy-to-use and
common way of doing security checks/proper authorization in Turbine. The ACL
stuff in Turbine is AWESOME! What I've been thinking about is a way that would
prevent a programmer from having to code security logic throughout the actions
and screens.

Here's my thought. Please feel free to beat me up!

What if we added a SecurityLoader module and a Security class?
The SecurityLoader would operate on Security classes (just like ActionLoader on
an Action), but would have an eval method with two parameters:
eval(RunData data, Object requiredrights). The Object parameter could be a
specific role or permissions ("add_user"), or you could pass an array of
permissions for the Security class to evaluate. Then the programmer could create
the Security classes specific to the application. For example:

    public class CanEdit extends Security
    {
        public boolean doCheck(RunData data, Object requiredrights)
        {
            // something like this
        }
    }
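An added sketch of the proposal above, not code from the post or from Turbine: a Security base class whose eval method accepts either a single permission or an array and denies anything else. RequestContext, grantedPermissions and SecurityDemo are hypothetical stand-ins (RequestContext replaces RunData so the file compiles on its own); eval, doCheck and CanEdit follow the names in the post.

```java
import java.util.Set;

// Hypothetical stand-in for the request object (RunData in the post); not Turbine's API.
interface RequestContext {
    Set<String> grantedPermissions();
}

// Base class from the proposal: eval() normalises requiredRights, subclasses decide.
abstract class Security {
    public final boolean eval(RequestContext data, Object requiredRights) {
        String[] required;
        if (requiredRights instanceof String) {
            required = new String[] { (String) requiredRights };
        } else if (requiredRights instanceof String[]) {
            required = (String[]) requiredRights;
        } else {
            return false; // null or unexpected type: fail closed
        }
        if (data == null || required.length == 0) {
            return false; // an empty requirement list must not mean "allow"
        }
        return doCheck(data, required);
    }

    protected abstract boolean doCheck(RequestContext data, String[] required);
}

// Application-specific check: every listed permission must be held.
class CanEdit extends Security {
    @Override
    protected boolean doCheck(RequestContext data, String[] required) {
        Set<String> granted = data.grantedPermissions();
        for (String permission : required) {
            if (permission == null || !granted.contains(permission)) {
                return false;
            }
        }
        return true;
    }
}

public class SecurityDemo {
    public static void main(String[] args) {
        // Constructed sample user holding two permissions.
        RequestContext user = () -> Set.of("add_user", "edit_user");
        Security check = new CanEdit();
        System.out.println(check.eval(user, "add_user"));
        System.out.println(check.eval(user, new String[] { "add_user", "delete_user" }));
        System.out.println(check.eval(user, Integer.valueOf(7)));
    }
}
```

Because requiredrights is typed as Object, the type dispatch in eval is the one place where a mistyped or missing argument could silently grant access, which is why every unrecognised case returns false.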