[Yanel-dev] Re: Access Control User Interface

Paloma Gomez paloma.gomez at wyona.com
Tue Jan 30 16:20:11 CET 2007 

> Hi Paloma,
>
> On Mon, 2007-01-29 at 09:51 +0100, Paloma Gomez wrote:
>> Hi Josias,
>>
>> I have been assigned the creation of the access control user interface.
>> Michi suggested that I implement a YanelUserResource.java that would be
>> responsible for creating, editing and deleting users.
>
> I have the feeling that we lack a concept for cms use-cases and user
> interface. We have a lot of usecases like:
> - manage users
> - create new documents
> - ...
> These usecases could share some common functionality, like
> form-/parameter handling or gui generation (just like the
> usecase-framework in Lenya). I wonder if we could have something like a
> generic UsecaseResource for that. But for the moment it may be ok to
> just create a resource for user management.

I agree with you. I've been told that the admin interface should be
provided by yulup as part of its menus, although I can't remember who told
me that. However, if yanel is to be independent of yulup, as I think it is
intended to be, we will need a user interface and standard mechanisms for
gui generation.

>
>>
>> We have been discussing if all the implementation should be done within
>> YanelUserResource.java or I should split it so the user resource is
>> responsible for the interaction with the user and other classes are
>> actually responsible for creating/modifying/deleting users.
>
> +1 for splitting.

ok ;-)
>
>>
>> I suggested that I add a UserManager.java and a User.java class to the
>> security package to perform these tasks (it would be a schema similar to
>> Lenya's). Michi answered we need to think about it and suggested that I
>> ask you for your opinion.
>
> The proposed API from the bugzilla entry looks good to me.
> The question is how to merge that with the current IdentityManager.
> I think that the Identity is some kind of abstraction of the following
> items:
> - user
> - machine
> - ip range
> - world
> So maybe we could keep Identity.java as a super-class or an interface.
> But I'm not sure which methods to put into Identity.java.

Currently, Identity.java just holds a username and an array containing
groups and provides getter methods for retrieving them. If we want it to
represent any kind of item, we should change the current implementation
since it just considers users. We can make it an interface extended by all
the items we want to consider. Regarding the methods to include, we should
think about what these entities have in common. I guess all of them have
an id, for instance. WDYT?

> Further the IdentityManager still could be the entry point for yanel.

If finally we go for Identity as an abstraction of iprange, user, etc, I
like the idea of keeping the IdentityManager as the entry point to yanel.

> Maybe we could add the methods:
> getUserManager()
> getGroupManager()
> or would it be easier to forget about UserManager/GroupManager and put
> all methods to manage users/groups into IdentityManager?

I'm not sure because later we will have to add methods to manage ip ranges
and the IdentityManager might grow too much.  However, I think we can put
everything into the IdentityManager and split it later if necessary.

Regards,
Paloma



> WDYT?
>
> josias
>
>>
>> You can read the complete discussion at
>>
>> http://bugzilla.wyona.com/cgi-bin/bugzilla/show_bug.cgi?id=5116
>>
>> where there is also a preliminar version that works partially.
>>
>> Thanks,
>>
>> Paloma
>>
>>
>>
>>
>
>
>

More information about the Yanel-development mailing list