discussion. | |
- Some people are suggesting using phpGACL. During a long IRC chat session, luis concluded:
|
Whole IRC discussion on 2003/10/01 | |
[+]
|
We are considering these improvements for a near future | |
[+]
|
(humaneasy) suggested looking at http://sourceforge.net/projects/auth/ or http://phpgacl.sourceforge.net
Trackers
|
Bugs | |
RFEs | |
secured extranet by groups and individuals
|
RFEs related to current permission system's limitations | |
Those trackers can be easily solved by using phpGACL and adding the spread-permissions feature above. Chealer9
Competition and standards
Discussion/participation
ConsistentPermissionSystemNomenclatureDev with overall system. |
Some ideas from gmuslera | |
[+]
I think that this should work with actual permission implementation and with phpGACL without much changes in actual interface and programs if the above implementation abstraction is done.
|
|
Some Ideas from coofercat (use Entitlements!) | |
[+] Adopt a hierarchical "entitlements" based permissions model. This requires a highly generic data model, and will result in incredible flexibility later on. Many of the benefits only really come along when customisation is included, but here's something of an overview: (I can't draw, so use your imagination). Start with a "top node" called System. System is an "entity". Below system are two countries, UK and US. Whilst they're called countries, they're just entities as well - we've just given them the name "country". The UK entity has the "UKP currency" entitlement, where as the US entity has "USD". Below each country, there might be regions, or functional groups (eg. sales, technical etc). Below each ot those, perhaps more groups, or users. The key thing to note is that the hierarchy can be as high as you want, each entry is just an entity (although we may assign a name to an entity to make it easier for use to understand). The main difference between a "user" and a "group" is that the group does not have the "log on" entitlement. As you go down the hierarchy, you only get access to the hierarchy of permissions enabled above you. For example, in this example, UK based groups get access to "Scottish Pounds" and "English Pounds". This means there must be hierarchical permissions, as well as a hierarchy of entities. There's another complication... granting of entitlements. If a user in the UK is actually a manager, then she may be given the "grant" entitlement on a set of permissions (as well as the "create user" entitlement). Presumably, that manager would not be able to create more managers (so cannot grant the "create user") - that may take a "director" (ie. a manager with "grant create user"). The real complexity and power comes from the building of pages for users. Instead of simply writing a list of menu items, each item is entitled. If there's no entitlement, then you don't see the menu item. That same principle goes for all entities in a page, so in a Tiki sense, menus, modules, rss, etc etc. Clearly, each page has to be built in a "generic" way that checks entitlements. Tiki is no where near that at the moment, because each PHP and TPL is written however the developer wants. With entitlements, all permissions code disappears from the PHP (and put into a library). The page output is less simple too, but once a framework is in place, making an entitlements based application is relatively easy (and as an application developer, you don't need to think about security!). The main advantages are:
|
- |
Description of the permission system for developers: | |
[+] Note: This is just notes for now, it will be formalized and made readable later. |
Overview | |
In tiki there are users and there are groups. A single user can be in many groups, everyone is in the Anonymous group. Each group has a set of permissions assigned to them. See the end-user docs for more information along these lines. From a developer perspective, global variables are created that we can test when wanting to know about permissions. |
When a page loads | |
The permission variables get defined globally, and are of the form $tiki_p_permissionname. They are all set to either 'y' or 'n'. That is why you see lots of scripts containing Copy to clipboard
Then it uses userslib (lib/userslib.php) to figure out what permissions the user has. Specifically, it uses the get_user_permissions function to get a list. Then it goes through and sets $tiki_p_permissionname to 'y'. Then it checks for admin permissions and makes sure that some permissions they imply get assigned. By example, having tiki_p_admin_wiki implies you should have tiki_p_view. The permissions associated to each feature are obtained with get_permissions. At the end, all permissions are set to 'y' if you have tiki_p_admin permission. Note: Besides setting up these permissions, tiki-setup_base.php just sets user preferences. Usage inside template files is: {if $tiki_p_permissionname == 'y'} ... {/if}
|