MozillaWiki

Update:Remora Permissions: Difference between revisions

Update Discussion

Update:Remora Permissions (view source)

Revision as of 00:06, 29 April 2007

1,111 bytes removed ,  29 April 2007
no edit summary
No edit summary
 
(One intermediate revision by one other user not shown)
Line 2: Line 2:
== Backdrop ==
== Backdrop ==
We tried to use db_acl, but the implementation meant too much overhead for our relatively simple requirements.  Mainly we wanted to lock down access by group/role.  We opted to go with the [http://www.thinkingphp.org/2006/10/03/a-lightweight-approach-to-acl-the-33-lines-of-magic/ 33 lines of magic] approach which is simpler by design and was [http://en.wikipedia.org/wiki/Mike_Shaver shaver]'s first preferred choice.  Read the blog to see why it can get the job done even if it isn't completely normalized and abstracted.
We tried to use db_acl, but the implementation meant too much overhead for our relatively simple requirements.  Mainly we wanted to lock down access by group/role.  We opted to go with the [http://www.thinkingphp.org/2006/10/03/a-lightweight-approach-to-acl-the-33-lines-of-magic/ 33 lines of magic] approach which is simpler by design and was [http://en.wikipedia.org/wiki/Mike_Shaver shaver]'s first preferred choice.  Read the blog to see why it can get the job done even if it isn't completely normalized and abstracted.
See also: [[Update:Admins/Groups|AMO User Groups]]


== Permissions ==
== Permissions ==
Line 39: Line 41:
         $this->SimpleAuth->startup($this);
         $this->SimpleAuth->startup($this);
         $this->SimpleAcl->startup($this);
         $this->SimpleAcl->startup($this);
I '''was''' able to use this even when I was in an action that was in the aclExceptions array.
I '''was not''' able to use this when ->enabled=false for SimpleAcl and SimpleAuth.  It seems that disabling the components render them useless.  So that means that for all-public controllers, if you want to access permission data you'll have to use aclExceptions instead of using the beforeFilter method of turning off permissions.  If you don't, you'll get false for all inquiries because the components are disabled.
* This worked fine for me. [[User:Fligtar|Fligtar]] 03:33, 30 March 2007 (PDT)


== Disabling Permissions in Controllers ==
== Disabling Permissions in Controllers ==
Line 60: Line 57:
     $this->SimpleAcl->enabled=false;
     $this->SimpleAcl->enabled=false;
  }
  }
== Special Permissions ==
=== Fake Actions ===
The following fake actions have been created for use in groups:
* Admin:EditAnyAddon - can edit any add-on as if the owner
* Admin:EditAnyLocale - can edit any locale
=== Locales ===
For use with the Localization Control Panel, if you only want a user to be able to VIEW the locale data, you should give permission Localizers:View. If you want him to be able to edit a locale, you should give him Localizers:{locale}, for example Localizers:de. If you want him to be able to edit any locale, give Admin:EditAnyLocale.


== Controller Notepad ==
== Controller Notepad ==
Fligtar
canmove, Confirmed users, Bureaucrats and Sysops emeriti
1,043

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/53526...55436"