Changes between Version 55 and Version 56 of BluePrintAuthenticationAccess


Ignore:
Timestamp:
05/14/09 21:07:21 (13 years ago)
Author:
Fran Boon
Comment:

Update for current reality

Legend:

Unmodified
Added
Removed
Modified
  • BluePrintAuthenticationAccess

    v55 v56  
    6060There are 3 modes for Authorisation right now:[[BR]]
    6161 * simple:
    62   * Anonymous access is currently granted for all Read operations
    63   * Create/Update/Delete requiring a user to be Authenticated
    64  * table:
    65   * Uses Web2Py's Role-Based Access Control for table-level control (can be separated for C/R/U/D)
    66  * record:
    67   * Uses Web2Py's Role-Based Access Control for record-level control (can be separated for C/R/U/D): http://groups.google.com/group/web2py/browse_thread/thread/e4b54f08ec6b66f9
     62  * Anonymous access is granted for all Read operations
     63  * Create/Update/Delete requires a user to be Authenticated
     64 * full:
     65  * Uses Web2Py's Role-Based Access Control for table-level &/or record-level control (can be separated for C/R/U/D)
     66   * http://groups.google.com/group/web2py/browse_thread/thread/e4b54f08ec6b66f9
    6867
    69 NB 'table' & 'record' modes requires each permission to be explicitly granted.[[BR]]
    70 For 'table' mode, we default to having all registered users as 'Readers' & only 'Administrators' being able to Create/Update/Delete. Administrators can manually add other users to 'Editors' if-required.[[BR]]
     68NB 'full' mode requires each permission to be explicitly granted.[[BR]]
     69We default to having all 'Authenticated' users able to Reade & only 'Administrators' being able to Create/Update/Delete. Administrators can manually add other users to 'Editors' if-required.[[BR]]
    7170Modules can provide further restrictions in {{{models/zzz.py}}}
    72 
    73 'record' mode currently has no framework support to ease administration & hence isn't yet recommended.
    7471
    7572Whether a user is authorised or not is defined using {{{has_permission()}}} in {{{models/__db.py}}} & called by the [wiki:BluePrintREST RESTlike controller]
    7673
    7774We use {{{auth_group}}} table for Roles & {{{auth_membership}}} to show which roles a user has.
    78  * admin role initialised in {{{_db.py}}}
     75 * admin role initialised in {{{__db.py}}}
    7976 * 1st user to register gets Administrator role
    8077