[Solar-talk] acl and roles
Jeff Surgeson
solar at 3hex.com
Mon Feb 12 02:01:13 PST 2007
Hi
I have been setting up my access and role classes, this is the first time I
have attempted using acl so am not very familiar with them as I have always
used a very basic role system.
I understand that there are 3 ways I can use the solar role/access classes.
1. I can use the solar_role class on it own as a basic role access system
2. I can use the solar_access class as a full role/class/action/process system
having role and acl in one class and data model.
3. I can use both solar_role and solar_access classes together having user
roles and acl stored separately and accessed via solar_role and solar_access.
I have successfully setup and used both ways but have a few questions.
Why would I want to have roles in a separate data model and handled by a
separate role class when I can do both in solar_access, is there a
circumstance that I would want them separate, or is it just good practice to
keep them separate?
Also if I want to represent a "ANON" user in the acl that can access a certain
class how would I do it? currently I can do it like this..
allow handle NULL Vendor_App_Class * *
which then gives a user that is not logged in access to any action and process
in Vendor_App_Class as his session handle is NULL. Surely this is not the
correct way to do it is it?
--
...........::::::...........
Jeff Surgeson / South Africa
More information about the solar-talk
mailing list