======ACL======
=====Server=====
====Design1====
Templates contain ACLs. The users and roles are defined in a config file.\\
Template:
Users and Groups:
# some config file in libconfig++ format
roles = (
{id="doctor"},
{id="nurse"},
{id="optician"},
{id="employee"}
);
users = (
{id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor", "nurse","employee)},
{id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")},
{id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")},
{id="vis"; name="Visitor"; roles=()}
);
====Design2====
No changes to template. ACLs are defined in config file, with 'realms' being templates and macros.\\
ACL file:
Syntax: template | :macro | template:macro action { rolelist }
ref_forunders write {"doctor"}
:henvisning write {"nurse", "doctor"}
ref_forunders:allergier write {"doctor"}
Users and roles can be defined as in //Design1//.
=====Client=====
The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup.
Example:
Making the commit button disabled or invisible and the 'henvisning' disabled/locked.