3 May
2004
3 May
'04
3:06 p.m.
hi,
there are two management interfaces for smallwiki available at cincom
store:
1) SmallWiki Admin Default: interface to the original security model of
smallwiki. easy to use and understand
2) SmallWiki Admin: interface to the extended security model of
smallwiki. more complex.
1) functionality of default interface:
======================
- create/delete users
- assign roles to users
- create/delete roles
- assign permissions to roles
restrictions that apply via the interface:
- an admin can only assign those roles to users that he has created
himself or that he owns himself.
- an admin can only delete the roles that he has created himself.
- an admin can only delete users that he has created himself.
- an admin can only assign those permissions to a role that he owns himself.
- BUT: an admin can redefine any role he wants to. therefore he is able
to remove permissions from some other admin roles!
modification to original model:
- when a user visits the root of the wiki tree, the permissions of his
role(s) are removed (cleanup).
(this is necessary when a role is not defined at the root of the wiki
tree, but at some 'lower' level in the tree.)
2) functionality of extended interface:
========================
- create/delete users
- assign roles to users
- create/delete roles
- assign permissions to roles
- create a barrier role in order to stop the acquisition mechanism for
the other roles at the same level.
restrictions that apply via the interface:
- an admin can only manage roles and users that he has created himself.
- an admin can only manage permissions that he owns himself. i.e., he
can only add/remove those permissions that he owns.
modification to the original model:
- the computation of roles is done in a different way (using some sort
of acquisition that is similar to the zope model)
FAQ:
====
1) when should I use the interface 1?
=> when just one administrator is managing the wiki site.
2) when should I use the interface 2?
=> when you have several administrators, that are responsible for
'their' part (structures, roles, users) of the wiki site.
documentation:
==========
- the documentation (the difference of the two models are explained and
discussed) of these two models is available at:
http://www.iam.unibe.ch/~scg/smallwiki/smallwiki_models_description.pdf
- the management interface to the default securtity model described in
this docmentation (smallwiki_models_description.pdf) is already enhanced:
- an admin can only assign those roles to users that he has created
himself or that he owns himself.
- an admin can only delete the roles that he has created himself.
- an admin can only delete users that he has created himself.
- an admin can only assign those permissions to a role that he owns
himself.
cheers,
david.
3 May
3 May
5:03 p.m.
hi,
notes concerning images, css, and javascript
in order to make use of the overview functions and to include the images
and style sheets, I refer to the section 'Accessing the Admin Advanced
Interface' in the appendix "SMALLWIKI IN A NUTSHELL" of the documentation:
http://www.iam.unibe.ch/~scg/smallwiki/smallwiki_models_description.pdf
cheers,
david.
ps. the interface works properly without these css and javascript, but
some nice functionality (collabsible wiki tree etc.) will get lost :-(
david vogel wrote:
hi,
there are two management interfaces for smallwiki available at cincom
store:
1) SmallWiki Admin Default: interface to the original security model
of smallwiki. easy to use and understand
2) SmallWiki Admin: interface to the extended security model of
smallwiki. more complex.
1) functionality of default interface:
======================
- create/delete users
- assign roles to users
- create/delete roles
- assign permissions to roles
restrictions that apply via the interface:
- an admin can only assign those roles to users that he has created
himself or that he owns himself.
- an admin can only delete the roles that he has created himself.
- an admin can only delete users that he has created himself.
- an admin can only assign those permissions to a role that he owns
himself.
- BUT: an admin can redefine any role he wants to. therefore he is
able to remove permissions from some other admin roles!
modification to original model:
- when a user visits the root of the wiki tree, the permissions of his
role(s) are removed (cleanup).
(this is necessary when a role is not defined at the root of the
wiki tree, but at some 'lower' level in the tree.)
2) functionality of extended interface:
========================
- create/delete users
- assign roles to users
- create/delete roles
- assign permissions to roles
- create a barrier role in order to stop the acquisition mechanism for
the other roles at the same level.
restrictions that apply via the interface:
- an admin can only manage roles and users that he has created himself.
- an admin can only manage permissions that he owns himself. i.e., he
can only add/remove those permissions that he owns.
modification to the original model:
- the computation of roles is done in a different way (using some sort
of acquisition that is similar to the zope model)
FAQ:
====
1) when should I use the interface 1?
=> when just one administrator is managing the wiki site.
2) when should I use the interface 2?
=> when you have several administrators, that are responsible for
'their' part (structures, roles, users) of the wiki site.
documentation:
==========
- the documentation (the difference of the two models are explained
and discussed) of these two models is available at:
http://www.iam.unibe.ch/~scg/smallwiki/smallwiki_models_description.pdf
- the management interface to the default securtity model described in
this docmentation (smallwiki_models_description.pdf) is already
enhanced:
- an admin can only assign those roles to users that he has created
himself or that he owns himself.
- an admin can only delete the roles that he has created himself.
- an admin can only delete users that he has created himself.
- an admin can only assign those permissions to a role that he owns
himself.
cheers,
david.
7297
days inactive
7297
days old
1 comments
1 participants
participants (1)
-
david vogel