User Tools

Site Tools


pracro:acl

Table of Contents

ACL

Server

Design1

Templates contain ACLs. The users and roles are defined in a config file.
Template:

<?xml version='1.0' encoding='UTF-8'?>
<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse" restrict="employee">
  <macro name="header" static="true"/>
  <macro name="henvisning"/>
 
  <header caption="Anamnese"/>
  <macro name="allergier" requires="henvisning" restrict="doctor"/>
  <macro name="medicin" requires="henvisning" compact="true" restrict="doctor, nurse"/>
  <macro name="alment" requires="henvisning"/>
</template>

Users and Groups:

# some config file in libconfig++ format
roles = (
          {id="doctor"},
          {id="nurse"},
          {id="optician"},
          {id="employee"}
        );
users = (
          {id="akf"; name="Anne Kaufmann Frederiksen"; roles=("doctor", "nurse","employee)},
          {id="ua"; name="Ulla Andersen"; roles=("nurse", "employee")},
          {id="jbo"; name="Jens Børge Olfgård"; roles=("optician", "employee")},
          {id="vis"; name="Visitor"; roles=()}
        );

Design2

No changes to template. ACLs are defined in config file, with 'realms' being templates and macros.
ACL file:

Syntax: template | :macro | template:macro action { rolelist }
ref_forunders write {"doctor"}
:henvisning write {"nurse", "doctor"}
ref_forunders:allergier write {"doctor"}

Users and roles can be defined as in Design1.

Client

The data received on the client must indicate what features that is to be enabled for the current user, without the client having to make an explicit user lookup. Example:

<?xml version='1.0' encoding='UTF-8'?>
<template name="ref_forunders" version="1.0" title="Refraktiv kirurgi forundersøgelse"
          features="nocommit">
  <macro name="header" static="true"/>
  <macro name="henvisning" restricted="true"/>
  <macro name="allergier"/>
</template>

Making the commit button disabled or invisible and the 'henvisning' disabled/locked.

pracro/acl.txt · Last modified: 2011/04/13 14:33 by deva