[racktables-users] user ACL how to

  • From: "Jesús M. Navarro" <jesus.navarro@xxxxxxxxxx>
  • To: racktables-users@xxxxxxxxxxxxx
  • Date: Sat, 21 Jun 2008 18:07:47 +0200

Hi, list:

I've been having a look at the userPermission table and I'm having trouble 
with what the expected format for the "page" and "tab" fields is.  On the other 
hand, I'm not clear on whether the page/tab approach makes much sense.  I see the 
need for a general "read only" and "read and write" ACL and then some 
granular high-level one (probably attached to the "tag" concept), so the 
use cases become more or less like:

* Some people (some global admin) have read-write access to everything
* Some people (maybe some manager) have read-only access to everything
* Some people (maybe some client) have read-only access to their own assets 
(say, all the objects at whatever location, maybe a rack and its contents)
* Some people (maybe some delegated sysadmin) have read-write access to some 
delegated assets (maybe location-based, "our sysadmin at Colorado Springs", 
maybe kind-of-object-based, "our network guru with access to all routers").

A second, only partially related question: I think your code has some hard 
dependencies on php5, but it's all procedural even when at least some places 
seem to be crying for OOP (the auth code, for instance).  Is there any reason 
not to use classes that I should be aware of?

Cheers.
