user roles
Derek Atkins
warlord@MIT.EDU
03 Jan 2001 21:29:08 -0500
David Merrill <dmerrill@lupercalia.net> writes:
> > Transaction ::= {
> > ...
> > Acl acl
> > }
>
> Oh, so that's what you meant when you said the objects define the acl.
Yep :)
> > enum {USER, GROUP}
> > GUID userID
> > GUID groupID
> >
> > The point being a means to have (one of) either group or userid in a
> > single table row.
>
> Unfortunately, that is not supported by most rdbms. I think Oracle
> will support it by defining refint to a UNION query, but that doesn't
> help us.
Hrm.. I see the problem with this approach, then. I guess there is
no way to define a single namespace for users and groups, huh? Sigh.
> > > ACL
> > > ---
> > > acl_guid
> > > set of permissions
>
> This is a complete set of permissions to all objects.
But that could get huge? What if I wanted to put a different acl on
every single Transaction? That would be a HUGE enumeration in the
table. The other problem is that determining what the ACL is on a
particular object becomes very hard, so viewing and changing the acl
on a specific object is extremely challenging, no?
> > warlord Read, Write, Admin
> > dmerril Read, Write
> > groupX Read
>
> Ahah! That is a big concept that I was lacking. An acl is specific to
> an object. I conceptualized it as containing settings for all objects.
> That's why there is no AclEntry in my layout.
Ok.
> > Then in the Transaction, Account, Split, or whatever, you reference an
> > Acl. E.g., I'd reference the above ACL from the account
> > "Account::Payable".
>
> Do you mean that within the transaction table itself would be a
> reference to an acl?
Yes. Each Transaction would reference an acl that defines the access
for that particular transactin.
> > ACL
> > ---
> > acl_guid
> > acl_number
>
> What is the benefit of having separate acls for each object, rather
> than just one acl that includes fields for all objects? Perhaps this
> is not what the whole concept of an acl *is*, but I've never seen it
> done that way.
The benefit is that you might want to put a different acl on each
_instance_ of an object. For example, each transaction might need a
different acl, or each account might have a different acl.
[snip]
> Yes, the concept is the same. I thought so.
Then perhaps I just don't see how you do it given the data structures
that you've defined. It seems like you have to be able to reference
every object in the acl table, rather than reference the acls from the
objects. I would think there would be much less data my way, because
you have many fewer ACL choices than you do transactions.
Also, I think it's much easier to ask an object: what is your acl?
> Sure, that would be great. I'm at 919-859-9706, but I can only talk at
> night. My boss wouldn't appreciate it. :-)
It's a bit late tonight; could you let me know what time tomorrow I
shoud call you? I'm in US/Eastern, but I can call you as soon as you
are available (after 4:30).
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available