LampCMS development and php tips
Announcements and articles about this site development and stuff like that
Access control and permissions control
Access control:
think how to make per-user and per-group access list
2 types of access control: resource
and action
By default all users are given NONE of the permissions
and gain them only through group membership
This means a user does not have to have a record
in USER_PERMISSIONS table
the USER_PERMISSIONS table
and GROUP_PERMISSIONS table
should have same columns, either permission names or permission_id
======
The access control will be modeled after the Zend ACL, but will
be somewhat different.
Anyway, all things that require access control must then implement
RESOURCE interface, meaning it must have
owner_id
title
description
created_date
last_modified_time
and resource_type_id
think how to make per-user and per-group access list
2 types of access control: resource
and action
By default all users are given NONE of the permissions
and gain them only through group membership
This means a user does not have to have a record
in USER_PERMISSIONS table
the USER_PERMISSIONS table
and GROUP_PERMISSIONS table
should have same columns, either permission names or permission_id
======
The access control will be modeled after the Zend ACL, but will
be somewhat different.
Anyway, all things that require access control must then implement
RESOURCE interface, meaning it must have
owner_id
title
description
created_date
last_modified_time
and resource_type_id
