comment on

I think the wisest choice is to make a rich authorization system.

The most adequate design I can think up is one where each operation triggers a hook that makes a query into the system to find the needed attributes for that op.

The other part is the object representing the user's session - it also has attributes. Since you speak of this virtual filesystem that owns all the data in the project attributes on users and attributes on parts of the filesystem can be embedded in the filesystem too. This may sound tempting, but I'd be weary of overabstracting.

Then you should design it to make it easy to do two things:

Make the system that checks what attributes are needed for an op check the user object too. Then make the "private channel" attribute optional, on by default, and dependant on that client waiver.
Make SSL connections (and similar transports) enable the "private channel" attribute on the context object

This way you can change add this functionality later on when it has been decided on. If they change their mind later, this feature can be easily removed. If something new comes up, it'll be easy to adapt to it.

It's a sad fact, but all layers of abstraction can sometimes have an unforeseen limiting factor. If your legal department can handle the waiver safely i think making SSL optional a good idea, since it will give your clients more choices on how they want to work with you. I doubt this will come up in practice that often.

Lastly, it might be wise to use a certificate system to ensure that the authz process verifies that the waiver is cryptographically signed by the client (where a the cryptographic signature can be made on behalf of the client when they physically signed the waiver), and that the signature is signed by an authority (or organizations operators). That way at least the protocol is very clear and well defined.

-nuffin
zz zZ Z Z #!perl

In reply to Re: Where to get this kindof advice. by nothingmuch
in thread Where to get this kindof advice. by jpsartre

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.