I'm starting the implementation of the security provider
now. As I'm working
on it, it occurs to me that our privilege names might need
to change
slightly. Right now we have Read, Edit, and Administer.
Administer is the
one that concerns me.
The problem as I see it is that if a statement like
AllowAdminister: user:candera
appears somewhere, it would be reasonable to assume that
candera is being
granted the right to administer the _wiki_, when in fact
they are being
given permission to administer a _namespace_. Confusion is
further
engendered by the fact that we have a /admin directory, and
access to it has
nothing whatsoever to do with whether you have
AllowAdminister anywhere.
So I'm thinking maybe the permission should be called
AdministerNamespace.
Like so:
AllowAdministerNamespace: user:candera
DenyAdministerNamespace: role:Users
Thing is, that's sort of verbose.
Thoughts?
------------------------------------------------------------
-------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the
chance to share your
opinions on IT & business topics through brief surveys -
and earn cash
http://www.techsay.com/default.
php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Flexwiki-users mailing list
Flexwiki-users lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/flexwiki
-users
|