Aasimon.org Wiki

User Tools

Site Tools

Trace:
pracro:acl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
pracro:acl [2011/03/29 14:11] – created devapracro:acl [2011/04/13 14:33] (current) deva
Line 1: Line 1:
 ======ACL====== ======ACL======
 +=====Server=====
 +====Design1====
 +Templates contain ACLs. The users and roles are defined in a config file.\\
 Template: Template:
 <code xml> <code xml>
 <?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
-<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" aclcommit="nurse,br">+<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" restrict="employee">
   <macro name="header" static="true"/>   <macro name="header" static="true"/>
-  <macro name="henvisning" aclread="all" aclwrite="all"/>+  <macro name="henvisning"/>
      
   <header caption="Anamnese"/>   <header caption="Anamnese"/>
-  <macro name="allergier" requires="henvisning" aclread="all" aclwrite="doctor"/> +  <macro name="allergier" requires="henvisning" restrict="doctor"/> 
-  <macro name="medicin" requires="henvisning" compact="true" aclread="all" aclwrite="doctor,nurse,br"/> +  <macro name="medicin" requires="henvisning" compact="true" restrict="doctor, nurse"/> 
-  <macro name="alment" requires="henvisning" aclread="doctor" aclwrite="none"/>+  <macro name="alment" requires="henvisning"/>
 </template> </template>
 </code> </code>
  
-Groups:+Users and Groups:
 <code> <code>
-# some config file +# some config file in libconfig++ format 
-user +roles = ( 
-  name 'Birger Rundstok' +          {id="doctor"}, 
-  userid 'br' +          {id="nurse"}, 
-  groups = {'doctor'+          {id="optician"}, 
-}+          {id="employee"
 +        ); 
 +users = ( 
 +          {id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor", "nurse","employee)}, 
 +          {id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")}
 +          {id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")}, 
 +          {id="vis"; name="Visitor"; roles=()} 
 +        );
 </code> </code>
 +
 +====Design2====
 +No changes to template. ACLs are defined in config file, with 'realms' being templates and macros.\\
 +ACL file:
 +<code>Syntax: template | :macro | template:macro action { rolelist }</code>
 +<code>
 +ref_forunders write {"doctor"}
 +:henvisning write {"nurse", "doctor"}
 +ref_forunders:allergier write {"doctor"}
 +</code>
 +
 +Users and roles can be defined as in //Design1//.
 +
 +=====Client=====
 +The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup.
 +Example:
 +<code xml>
 +<?xml version='1.0' encoding='UTF-8'?>
 +<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse"
 +          features="nocommit">
 +  <macro name="header" static="true"/>
 +  <macro name="henvisning" restricted="true"/>
 +  <macro name="allergier"/>
 +</template>
 +</code>
 +Making the commit button disabled or invisible and the 'henvisning' disabled/locked.
pracro/acl.1301400673.txt.gz · Last modified: 2011/03/29 14:11 by deva