RE: secure tag and permissions

[Timothy Heald]

Lee,     I personally agree with you.  They say that the things we code represent real things.  Well I prefer to look and groups (or roles if you will) as they can be related to the real world.  Yes both ideas work, I just can conceptualize one easier.   Tim Heald ACP/CCFD :) Application Development www.schoollink.net -----Original Message----- From: Lee Borkman [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 04, 2002 4:14 PM To: [EMAIL PROTECTED] Subject: Re: secure tag and permissions Well, as I say, you have stated this basic point before, and it continues to elude me ;-) For example, you can grant John the single permission of being able to read articles.  You do this by setting one of the Bit flags in John's permission array.  I do it by adding John to the ArticleReaders group.  What's the difference? You complina that I am blurring the distinction between Groups and Permissions.  I don't believe I am.  I simply maintain that Group Membership is the only quality needed to derive Permissions (eg to figure out if John can read articles).  By treating Permissions as though they have some independent existence outside of Group membership, I believe that *you* confuse the matter ;-) What's a Permission? Show me one? It's a very abstract little beastie.  Too abstract for me.  You talk about assigning John a permission without assigning him to a group - I say that's a non-meaningful concept, like a side-salad without a meal. Still, as I say, I haven't seen any functional difference demonstrated yet.  Moreover, if I receive a Fusedoc created by you, Hal, I can code the fuse perfectly well using permissions and bitMath.  I consider the two views to be functionally equivalent, but I think one of them's just a little stange. Anyway, it's an ontological, metaphysical problem, and like most of those, has little bearing on the real world. (I know you disagree). Thanks, LeeBB ----- Original Message ----- From: hal helms   I think you're missing a very basic point here, Lee. I am NOT saying that John, since he has permissions to read and write articles, is a manager. I'm saying that John has those permissions. So do the group known as managers. I can grant John these permissions without making him a member of any group. You cannot. Without the separation of permissions and roles, you have no way of granting John those permissions other than making him a member of a group. ... And, in contradiction to what you state, I completely agree that a group is something different than the sum of its permissions. One attribute of a group is what permissions it has; another might be the color of the background used. Maybe members of the Travellers group have stuff output for Pocket PCs. My method draws a true distinction between the two; by mixing roles and permissions, the distinction is blurred. ==^================================================================ This email was sent to: archive@jab.org EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================