comment on

Access-control on objects is somehow ambiguous. The objects are combination on data and behaviour. So you have 2 levels of access control - on data and on behaviour.

1. On data level. Usually you get and store the data in some sort of database. You could implement your access-control policy there, in the database. For example look for "Oracle label security", for Postgresql look pgacl (row-level ACL), sepgsql (integration with SELinux security model),veil (view-based sec.policies) etc. You could configure inheritable permissions with some of these tools

2. For behaviour level access control - you could code it yourself, it is very application dependant so there is no good, universal model for doing this - you do it one way for webapp, another way for Tk app etc.

You are working on some CMS, I suppose it has some kind of behaviour level access control. Look there and change the code to fully suit your needs

In reply to Re: managing object permissions by karavelov
in thread managing object permissions by ForgotPasswordAgain

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


No such thing as a small change
	PerlMonks