[nycphp-talk] phpGACL access control
Cliff Hirsch
cliff at pinestream.com
Fri Aug 24 19:24:19 EDT 2007
> As for phpGACL, the feedback I got was that most ACLs out there are
> good at answering one question, from the following list:
>
> 1) "Can I access this object?"
> 2) "Who can access this object?"
>
> The trouble is finding an ACL that is equally adept at doing both.
I understand #1. That's the main point -- access control. But why do I need
#2? To see if I need to bar the door for someone as the # of rules, groups,
users grows increasingly complex?
I like having an instant front-end gui for setting up the ACLs. That's where
phpGACL seems to make sense. But it doesn't solve the issue of implementing it
in an application. I'm guessing thats where a really well designed and
structured front-end controller could be handy. It would just need to check
permission based on a page/action.
Cliff
More information about the talk
mailing list