Aasimon.org Wiki

User Tools

Site Tools

Trace:
pracro:acl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pracro:acl [2011/03/29 14:29] devapracro:acl [2011/04/13 14:33] (current) deva
Line 1: Line 1:
 ======ACL====== ======ACL======
 +=====Server=====
 +====Design1====
 +Templates contain ACLs. The users and roles are defined in a config file.\\
 Template: Template:
 <code xml> <code xml>
 <?xml version='1.0' encoding='UTF-8'?> <?xml version='1.0' encoding='UTF-8'?>
-<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" aclcommit="nurse,br">+<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" restrict="employee">
   <macro name="header" static="true"/>   <macro name="header" static="true"/>
-  <macro name="henvisning" aclread="all" aclwrite="all"/>+  <macro name="henvisning"/>
      
   <header caption="Anamnese"/>   <header caption="Anamnese"/>
-  <macro name="allergier" requires="henvisning" aclread="all" aclwrite="doctor"/> +  <macro name="allergier" requires="henvisning" restrict="doctor"/> 
-  <macro name="medicin" requires="henvisning" compact="true" aclread="all" aclwrite="doctor,nurse,br"/> +  <macro name="medicin" requires="henvisning" compact="true" restrict="doctor, nurse"/> 
-  <macro name="alment" requires="henvisning" aclread="doctor" aclwrite="none"/>+  <macro name="alment" requires="henvisning"/>
 </template> </template>
 </code> </code>
-aclXXXXX attributes contain lists of either userids and/or groupids. Currently: 'aclread', 'aclwrite' and 'aclcommit'. 
-aclwrite and aclread can be connected with the template and is inherited to all the contained macros. 
  
 Users and Groups: Users and Groups:
 <code> <code>
-# some config file +# some config file in libconfig++ format 
-user +roles = ( 
-  name 'Birger Rundstok' +          {id="doctor"}, 
-  userid 'br' +          {id="nurse"}, 
-  groups = {'doctor'+          {id="optician"}, 
-}+          {id="employee"
 +        ); 
 +users = ( 
 +          {id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor", "nurse","employee)}, 
 +          {id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")}
 +          {id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")}, 
 +          {id="vis"; name="Visitor"; roles=()} 
 +        ); 
 +</code>
  
-group +====Design2==== 
-  name = 'doctor' +No changes to template. ACLs are defined in config file, with 'realms' being templates and macros.\\ 
-  groups {'' +ACL file: 
-}+<code>Syntax: template | :macro | template:macro action rolelist }</code> 
 +<code> 
 +ref_forunders write {"doctor"
 +:henvisning write {"nurse", "doctor"
 +ref_forunders:allergier write {"doctor"
 +</code> 
 + 
 +Users and roles can be defined as in //Design1//
 + 
 +=====Client===== 
 +The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup. 
 +Example: 
 +<code xml> 
 +<?xml version='1.0encoding='UTF-8'?> 
 +<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" 
 +          features="nocommit"> 
 +  <macro name="header" static="true"/> 
 +  <macro name="henvisning" restricted="true"/> 
 +  <macro name="allergier"/> 
 +</template>
 </code> </code>
 +Making the commit button disabled or invisible and the 'henvisning' disabled/locked.
pracro/acl.1301401792.txt.gz · Last modified: 2011/03/29 14:29 by deva