Changes between Version 6 and Version 7 of BluePrintAuthorizationB


Ignore:
Timestamp:
06/20/10 14:31:18 (11 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • BluePrintAuthorizationB

    v6 v7  
    1414
    1515  - if a method is not restricted, then it is accessible for everyone
    16   - if a method is restricted, then access must be explicitly granted, otherwise its declined (Allow=>Deny order)
     16  - if a method is restricted, then permission must be explicitly granted, otherwise it is denied (Allow=>Deny order)
    1717
    1818Permissions are assigned to roles (not to individual users):
    1919
    20   - roles are stored in auth_group
    21   - admin role is auth_group 1 (cannot be modified)
    22   - all methods on everything are allowed for members of the admin role
     20  - roles are stored in '''auth_group'''
     21  - '''admin''' role is auth_group 1 (cannot be modified)
     22  - membership in the admin role overrides any restrictions everywhere
    2323
    24   - roles are assigned to users by auth_membership
     24  - roles are assigned to users by '''auth_membership'''
    2525    - this can happen either through admin UI or implicitly (no admin interaction)
    2626    - it must be possible to log this