Re: Pier user in context

If your friend means "model" when talking about "business logic", he is right: the security decoration is a pure model object, that works exactly the same for all views, not just seaside one. Thanks to the nature of visitors one can easily control how security concerns are handled when performing operations. Yes, the code modeling the unix permissions is quite simple to read, of course you can tweak that behavior if you need to. I think it comes quite close what unix does, but I no unix expert. SUSecurity>>isAllowedCommand: aCommandClass in: aContext (aContext user notNil and: [ aContext user isSuperuser ]) ifTrue: [ ^ true ]. (self owner = aContext user) ifTrue: [ ^ self ownerCommands includes: aCommandClass ]. (self group notNil and: [ self group includes: aContext user ]) ifTrue: [ ^ self groupCommands includes: aCommandClass ]. ^ self otherCommands includes: aCommandClass I am not quite sure if I understand your question, maybe you can deduce the answer from the above code yourself? Basically every security decoration knows a list of all allowed commands for the owner, the group and all the others, like the unix "rwx", but for all available commands in the system. The security decoration does not care what it decorates, e.g, when giving the permission to admin to remove the root page, he still won't be able to do that simply because the remove-command does not work on the root, something that is enforced by the command itself. Cheers, Lukas -- Lukas Renggli http://www.lukas-renggli.ch