Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re: managing object permissions

by karavelov (Monk)
on Nov 27, 2008 at 13:26 UTC ( #726401=note: print w/ replies, xml ) Need Help??


in reply to managing object permissions

Access-control on objects is somehow ambiguous. The objects are combination on data and behaviour. So you have 2 levels of access control - on data and on behaviour.

1. On data level. Usually you get and store the data in some sort of database. You could implement your access-control policy there, in the database. For example look for "Oracle label security", for Postgresql look pgacl (row-level ACL), sepgsql (integration with SELinux security model),veil (view-based sec.policies) etc. You could configure inheritable permissions with some of these tools

2. For behaviour level access control - you could code it yourself, it is very application dependant so there is no good, universal model for doing this - you do it one way for webapp, another way for Tk app etc.

You are working on some CMS, I suppose it has some kind of behaviour level access control. Look there and change the code to fully suit your needs


Comment on Re: managing object permissions
Re^2: managing object permissions
by ForgotPasswordAgain (Deacon) on Nov 27, 2008 at 14:56 UTC
    Thanks, especially for the pointer to pgacl.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://726401]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (4)
As of 2014-09-24 05:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (246 votes), past polls