Re: secure tag and permissions

[Lee Borkman]

Hmm, maybe I have misunderstood the thrust of what you are saying here, Steve. Are you saying that whatever the security model used, be it Groups or Permissions or Colour or Crede, the "beautiful" thing about Hal's model is that each fuse merely expects two binary numbers: the requiredProperty (eg., 0100), the userProperties (eg, 11000011). It doesn't matter what these properties represent - they could be atomic permissions or rich group memberships, the fuse doesn't care.  It just compares the requiredProperty with the userProperties (BitAnd), and hey presto, we have our answer. Now that. I admit, is cool. Is that what we were arguing about all along?  I hope not. ;-) LeeBB ----- Original Message ----- From: Steve Nelson To: [EMAIL PROTECTED] Sent: Saturday, April 06, 2002 6:26 AM Subject: Re: secure tag and permissions While I don't agree with your method of security, I would never say it's wrong...... if you would change one minor minor thing for me. First of all, compare these: 1) <cfif isMember(groupsthatCanReadArticles)> 2) <cfif userhaspermissions(listofpermissions, canreadarticles)> 3) <cfif listfind("canreadarticles, caneditcarticles, candeletearticles", "canreadarticles")> 4) <cfif canreadarticles> 5) <cfif articlereadergroup> Now, out of those 5, which are tied to one specific security model and which are not? 1, 2 and 3 are. 4 and 5 have NOTHING to do with any particular security model. They are merely boolean values. What I'm asking that you do, is ignore the fact that you check a series of groups and Hal checks a series of permissions. It honestly doesn't matter, it's a matter of semantics. Both methods can be boiled down to simple boolean variables. Your fusedocs, fuseactions and circuits will define the necessary boolean variables it needs to work, and your security model will define those variables. It's that simple. When you realize the true power of what Hal is suggesting, the only thing you have to do is unplug your security model and plug another one in it's place, your fuses, fuseactions and circuits will (should) continue to work like they did before.   ==^================================================================ This email was sent to: archive@jab.org EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================