======ACL====== =====Server===== ====Design1==== Templates contain ACLs. The users and roles are defined in a config file.\\ Template:

Users and Groups:


# some config file in libconfig++ format
roles = (
          {id="doctor"},
          {id="nurse"},
          {id="optician"},
          {id="employee"}
        );
users = (
          {id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor", "nurse","employee)},
          {id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")},
          {id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")},
          {id="vis"; name="Visitor"; roles=()}
        );

====Design2==== No changes to template. ACLs are defined in config file, with 'realms' being templates and macros.\\ ACL file: Syntax: template | :macro | template:macro action { rolelist }


ref_forunders write {"doctor"}
:henvisning write {"nurse", "doctor"}
ref_forunders:allergier write {"doctor"}

Users and roles can be defined as in //Design1//. =====Client===== The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup. Example:

Making the commit button disabled or invisible and the 'henvisning' disabled/locked.