On Mon, Feb 22, 2010 at 10:14 AM, Mike Teehan <[email protected]> wrote:
> Hello everyone. Just trying to get my head around the new Wt::Dbo::Dbo
> class... Basically, this lets you move some of your code into the db object's
> class, right?
>
> Example:
> I have a getUserList() function that queries the db to find all the users
> (class User) who can log in. This function lives in the login code. Once I
> switch to deriving my User from Dbo::Dbo, I can then move getUserList()
> to be part of the User class, better sharing the functionality.
>
> If this is the case, it looks like I have a bit of refactoring to do.
That is what I do, my user system is made up of three classes, which
are User, Group, and Permission. User's are members of Groups, and
can also have specialized Permissions for them. Groups just have
Permissions on them. Permissions have an associated identifier and a
Deny flag. I have a function in each of those classes called
something like has_permission.
has_permission in the Permission class just tests if the passed in id
equals the id of that permission, if false it tests if its id is root,
if false it returns disallowed. If its id is root is true then it
returns allowed if deny is false, but if deny is true then it returns
denied, or if the original id test is true, it returns allowed if deny
is false, or it returns denied if deny is true.
has_permission in the Group class just calls has_permission on each of
the contained Permissions and aggregates the returned values as
described below.
has_permission in the User class just calls has_permission on each
Group, then on each direct Permission.
The thing it returns is basically boost::tribool,
indeterminate==disallowed, true==allowed, false==denied (and those are
the actual keywords I use in the code, actually in my latest version
it is a quadbool, contains super-true named root, I decided to give
root a super-override to the deny override). If there is even one
denied, it returns all the way down the function path directly without
testing any other Groups/Permissions, and that Permission is denied
outright. If the user does not have that permission any way,
disallowed is returned, else allowed is returned, basically lets me do
things like this:
if(userPtr.has_permission("edit_table_"+lexical_cast<std::string>(tablePtr.getIndex())))
{
// this user has edit table permissions on this table
}
And my classes have many more functions in them too, so yes, fill them up.
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
witty-interest mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/witty-interest
