No such thing as a small change | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Access-control on objects is somehow ambiguous. The objects are combination on data and behaviour. So you have 2 levels of access control - on data and on behaviour. 1. On data level. Usually you get and store the data in some sort of database. You could implement your access-control policy there, in the database. For example look for "Oracle label security", for Postgresql look pgacl (row-level ACL), sepgsql (integration with SELinux security model),veil (view-based sec.policies) etc. You could configure inheritable permissions with some of these tools 2. For behaviour level access control - you could code it yourself, it is very application dependant so there is no good, universal model for doing this - you do it one way for webapp, another way for Tk app etc. You are working on some CMS, I suppose it has some kind of behaviour level access control. Look there and change the code to fully suit your needs In reply to Re: managing object permissions
by karavelov
|
|