Aasimon.org Wiki

User Tools

Site Tools

Trace:
pracro:acl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pracro:acl [2011/04/11 09:27] devapracro:acl [2011/04/13 14:33] (current) deva
Line 1: Line 1:
 ======ACL====== ======ACL======
 +=====Server=====
 +====Design1====
 +Templates contain ACLs. The users and roles are defined in a config file.\\
 Template: Template:
 <code xml> <code xml>
 <?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
-<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse"+<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" restrict="employee">
-  <acls> +
-    <acl action="commitentity="nurse/> +
-    <acl action="commit" entity="br"/> +
-  </acls> +
   <macro name="header" static="true"/>   <macro name="header" static="true"/>
-  <macro name="henvisning" aclread="all" aclwrite="all"/>+  <macro name="henvisning"/>
      
   <header caption="Anamnese"/>   <header caption="Anamnese"/>
-  <macro name="allergier" requires="henvisning"+  <macro name="allergier" requires="henvisning" restrict="doctor"/> 
-    <restrictions> +  <macro name="medicin" requires="henvisning" compact="true" restrict="doctor, nurse"/> 
-      <restrict action="read" role="all"/> +  <macro name="alment" requires="henvisning"/>
-      <restrict action="write" role="doctor"/> +
-    </restrictions> +
-  </macro> +
- +
-  <macro name="medicin" requires="henvisning" compact="true" aclread="all" aclwrite="doctor,nurse,br"/> +
-  <macro name="alment" requires="henvisning" aclread="doctor" aclwrite="none"/>+
 </template> </template>
 </code> </code>
-aclXXXXX attributes contain lists of either userids and/or groupids. Currently: 'aclread', 'aclwrite' and 'aclcommit'. 
-aclwrite and aclread can be connected with the template and is inherited to all the contained macros. 
  
 Users and Groups: Users and Groups:
 <code> <code>
-# some config file +# some config file in libconfig++ format 
-user +roles = ( 
-  name 'Birger Rundstok' +          {id="doctor"}, 
-  userid 'br' +          {id="nurse"}, 
-  roles = {'doctor''employee'+          {id="optician"}, 
-}+          {id="employee"
 +        ); 
 +users = ( 
 +          {id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor""nurse","employee)}, 
 +          {id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")}
 +          {id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")}, 
 +          {id="vis"; name="Visitor"; roles=()} 
 +        ); 
 +</code>
  
-role { +====Design2==== 
-  name = 'doctor+No changes to template. ACLs are defined in config file, with 'realmsbeing templates and macros.\\ 
-}+ACL file: 
 +<code>Syntax: template | :macro | template:macro action { rolelist }</code> 
 +<code> 
 +ref_forunders write {"doctor"
 +:henvisning write {"nurse", "doctor"
 +ref_forunders:allergier write {"doctor"
 +</code>
  
 +Users and roles can be defined as in //Design1//.
 +
 +=====Client=====
 +The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup.
 +Example:
 +<code xml>
 +<?xml version='1.0' encoding='UTF-8'?>
 +<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse"
 +          features="nocommit">
 +  <macro name="header" static="true"/>
 +  <macro name="henvisning" restricted="true"/>
 +  <macro name="allergier"/>
 +</template>
 </code> </code>
 +Making the commit button disabled or invisible and the 'henvisning' disabled/locked.
pracro/acl.1302506875.txt.gz · Last modified: by deva