George G. Gkasdrogkas wrote [edited]:
> I would like to request more informations about user roles in CLIO.
[...]
> We first initialize-setup CLIO. In the beginning there are neither
> components nor user accounts. Users have to register to be able to create
> and use components in their project. The privileges are graded to users for
> each component separately. For example, userA creates simple components cA
> and cB.
no, this is wrong. Simple Components (in the "catalog")
are shared between (i.e., can be used by) all Complex Components.
okay, let me try once more, with the analogy of recipes.
CLIO is a system for online managing of recipes.
obviously many people/organizations may be running
discrete instances of CLIO.
each CLIO instance has a "catalog" of cooking ingredients
("Simple Components"). this list of available ingredients
is being managed by a specific group of people:
they are the only ones who, besides "salt" and "chicken"
can add a new ingredient called "soy sauce".
many more people can use the system in order to save
their recipes ("Complex Components"). for example,
userA (who cannot edit the catalog) creates his recipe
for "Greek Salad" and specifies that it uses the ingredients
"tomatoes", "feta cheese", "olive oil" and "onions".
if he also wants to add "oregano" but this is not
already available in the catalog, he is stuck.
he has to ask for its inclusion in the catalog,
wait for the completion and then add it.
this request may be handled outside Clio --
it's not first priority for implementation.
another user, userB, also uses the same system
to add his own recipe, using "tomatoes", "mozarella"
and "olive oil" ("Caprese Salad", obviously).
userA should not be able to modify userB's recipe
and the opposite.
yet another user, user C, who might not even have logged in,
may be able to see both recipes -- but obviously not modify them.
is this any clearer?
please note that, besides Simple Components,
Complex Components may also be used as building blocks.
as an example, stretching the previous analogy,
another userX may create his own entry "Full Lunch"
which can include "Greek Salad" and "Steak with fries".
> Where should we save the roles for each user and how exactly?
> In the LDAP server?
if the CLIO instance is using an external LDAP server,
the authentication (username/passwords) and role access control
(e.g., able to modify the catalog?) will be offloaded
to the LDAP server.
obviously all access to LDAP will be read-only.
any information that CLIO needs to keep
(e.g. catalog of Simple Components, contents of Complex Components,
who created or changed what, etc.)
will have to be stored in a local database (RDBMS, probably).
--
-- zvr --
-- +---------------------------+ Alexios Zavras (-zvr-)
| H eytyxia den exei enoxes | zvr [ at ] zvr [ dot ] gr
+-----------------------zvr-+
----
Λαμβάνετε αυτό το μήνυμα απο την λίστα: Γενική λίστα αλληλογραφίας που απευθύνεται σε developers/contributors έργων ανοικτού λογισμικού - A general discussion list for developers/contributors of open-source projects,
https://lists.ellak.gr/opensource-devs/listinfo.html
Μπορείτε να απεγγραφείτε από τη λίστα στέλνοντας κενό μήνυμα ηλ. ταχυδρομείου στη διεύθυνση <opensource-devs+unsubscribe [ at ] ellak [ dot ] gr>.