On 3/31/06, Jorge Godoy <[EMAIL PROTECTED]> wrote:
>
> "Kevin Horn" <[EMAIL PROTECTED]> writes:
>
> > I've seen mentioned several times on this list that an eventual goal of the
> > identity system in TurboGears is to be able to specify the required groups,
> > permissions, etc. for access to a resource in a config file. This would
> > allow an administrator, rather than a developer, to set security policy. I
> > have not seen any ideas on how this would actually work, though. Is anyone
> > actively working on this? In case the answer is no, here are some ideas
> > that I just had...
>
> I believe that the configuration file for parts of the code will be there only
> when FirstClass arrive (WSGI version of TG)...
Configuration will certainly be a little different in FirstClass
(focusing more on application-oriented config, rather than
path-oriented config).
Identity, as it is today, is very simple to use, and that's a good
place to start. What I'd be interested in seeing later is an
incorporation of RuleDispatch, which will allow much more arbitrary
collections of rules to determine what people can access -- going well
beyond just users and groups. ("Group A can access this resource
Monday-Friday only")
I don't have an immediate use case for this myself, but if someone
does we can certainly talk about it.
Kevin
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
