[daisy] New feature: finegrained/partial read access
Bruno Dumon
bruno at outerthought.org
Tue Sep 4 07:22:34 CDT 2007
On Mon, 2007-08-27 at 11:13 +0200, Bruno Dumon wrote:
<snip/>
> ACL evaluation
> ---------------
> When evaluating the ACL, grant-read rules which appear later overwrite
> the earlier result, that is, the access details of the last matching
> grant-read rule will be used (there is no merging of the access details
> here).
<snip/>
As written above, the access details were a sort of settings object
attached to read-grant permission. The access details of the last grant
were those that were used.
Now I have changed this so that the access details behave more like
normal permissions: they are specified by a tri-state
grant/deny/do-nothing, and each detail permission will individually
overwrite (or not) the previous state.
By following the same logic as for the main permissions, this should be
easier to understand, and it also allows more powerful ACL
configuration.
--
Bruno Dumon http://outerthought.org/
Outerthought - Open Source, Java & XML Competence Support Center
bruno at outerthought.org bruno at apache.org
More information about the daisy
mailing list