Basically looking for ideas on access-control of objects. I assume this kind of problem is common, but I don't see modules for it. Sorry if I don't explain this well.

I work on a CMS, when I'm not too lazy :). We have objects like "Story", "Workflow", "Desk", "User", "Element", ... These correspond to one or more database tables. The permissions are mostly object-specific, so a user or group will have READ or EDIT or PUBLISH permissions for a Story, say. In some ways it's a nice system, but one thing I don't like is there's not really a natural way to make the objects hierarchical. For example, if a Desk is in a Workflow, I'd want the Desk to inherit permissions from the Workflow. Another thing I dislike is that we basically have to instantiate all the objects before filtering out the ones the user doesn't have permission for. I think I'd prefer something like a JOIN in the database to take care of that.

The best approach I've found so far is probably what's known as role-based access control, though this is just an idea rather than a module/implementation. Someone also mentioned LDAP, which I need to get up to speed on (I associate it with sysadminny things like single sign-on but not with object-level use in an application). Any other ideas? It seems like something that must be common in Catalyst applications, for example.

In reply to managing object permissions by ForgotPasswordAgain

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.