On Mon, Apr 17, 2006 at 03:17:56PM +0200, Christopher Lenz wrote:
> I think that 0.11 is already pretty loaded with major changes, so
> targeting this at 0.12 may be better for now. Depends on the scope of
> the changes, of course... if it's not that much, 0.11 may be okay.
What I'm thinking is that the core of the policy system is actually
quite a small patch, already committed in fact.
The only real remaining question is how to represent resources, which of
course could turn into a *huge* change depending on how it were to be
implemented.
If resources are simply represented as a tuple or the actual object
itself (I would prefer that for now) then the patch can stay quite
minimal.
req.has_permission('WIKI_VIEW', ('wiki', 'WikiStart'))
or
req.has_permission('WIKI_VIEW', WikiPage(env, 'WikiStart'))
So the question is, if we go with this now, what is the policy on API
backwards compatibility?
(This is actually a general query as well, not just for this discussion)
I guess if Trac moves to a more generic way of representing resources,
many interfaces will break anway :)
> >So, regarding terminology? :) I suggest calling them 'resources', as
> >'objects' is very generic, and connotative of having some extra
> >functionality that may not exist. Not everything the security system
> >applies to will refelect this, eg. about/config pages.
> >
> > user X has permission to user resource Y
>
> or rather:
>
> subject S is [granted|denied] permission to do action A (with
> resource R)?
Yes, quite true. Late night mails cause incoherence!
can S perform A (on R)?
--
Evolution: Taking care of those too stupid to take care of themselves.
_______________________________________________
Trac-dev mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-dev
