[Solar-talk] Solar_Access and "process" keys

[Paul M Jones]

Hi all,

Currently, Solar_Access expects 6 elements per access control:

* flag (allow/deny)
* type (handle/role)
* name (the handle or role name, or *)
* class (the controller class name)
* action (the action within that controller)
* process (the process within that action)

I am considering removing the "process" key entirely for two reasons:

1. I never use it in practice.  ;-)

2. It's very difficult to determine what process is being invoked,  
because the process value is presented as a localized string, not a  
simple key.  E.g., if the current process is "Save", you can ask "is  
this a save process?" but you can't say "tell me what process was  
requested".  (Building in that functionality seems prohibitive,  
because you'd have to find out what the available PROCESS_* keys are,  
and then check the incoming process value against each of those  
localized values.)

Is anyone else actually using the "process" key in practice for their  
access control lists?  If so, how are you figuring out which value to  
send to the Solar_Access_Adapter::isAllowed() method?

If nobody here is using it, I think it'd be best to pull it out.

And as long as we're here, any feedback on how Solar_Access is working  
out?

Thanks guys.  :-)


-- pmj