comparison doc/security.txt @ 865:261a71cb7f7f
Some refinements
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Sun, 14 Jul 2002 23:16:52 +0000 |
| parents | e07e5903c3b4 |
| children | a3de8f9b2ede |
| 864:76c6db876c14 | 865:261a71cb7f7f |
|---|---|
| 1 =================== | 1 =================== |
| 2 Security Mechanisms | 2 Security Mechanisms |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.5 $ | 5 :Version: $Revision: 1.6 $ |
| 6 | 6 |
| 7 Current situation | 7 Current situation |
| 8 ================= | 8 ================= |
| 9 | 9 |
| 10 Current logical controls: | 10 Current logical controls: |
| 190 description="User may register through the web") | 190 description="User may register through the web") |
| 191 ma = perm.create(name="Mail Access", | 191 ma = perm.create(name="Mail Access", |
| 192 description="User may log in through email") | 192 description="User may log in through email") |
| 193 mr = perm.create(name="Mail Registration", | 193 mr = perm.create(name="Mail Registration", |
| 194 description="User may register through email") | 194 description="User may register through email") |
| 195 aa = perm.create(name="Access Everything", | 195 ae = perm.create(name="Access Everything", |
| 196 description="User may access everthing") | 196 description="User may access everthing") |
| 197 role.create(name="User", description="A regular user, no privs", | 197 role.create(name="User", description="A regular user, no privs", |
| 198 permissions=[wa, wr, ma, mr]) | 198 permissions=[wa, wr, ma, mr]) |
| 199 role.create(name="Admin", description="An admin user, full privs", | 199 role.create(name="Admin", description="An admin user, full privs", |
| 200 permissions=[aa]) | 200 permissions=[ae]) |
| 201 ro = role.create(name="No Rego", description="A user who can't register", | 201 role.create(name="No Rego", description="A user who can't register", |
| 202 permissions=[wa, ma]) | 202 permissions=[wa, ma]) |
| 203 | 203 |
| 204 in init(): | 204 in init(): |
| 205 | 205 |
| 206 r = db.getclass('role').lookup('Admin') | 206 r = db.getclass('role').lookup('Admin') |
| 207 user.create(username="admin", password=Password(adminpw), | 207 user.create(username="admin", password=Password(adminpw), |
| 209 | 209 |
| 210 # choose your anonymous user access permission here | 210 # choose your anonymous user access permission here |
| 211 #r = db.getclass('role').lookup('No Rego') | 211 #r = db.getclass('role').lookup('No Rego') |
| 212 r = db.getclass('role').lookup('User') | 212 r = db.getclass('role').lookup('User') |
| 213 user.create(username="anonymous", roles=[r]) | 213 user.create(username="anonymous", roles=[r]) |
| 214 | |
| 215 Then in the code that matters, calls to ``hasPermission`` are made to | |
| 216 determine if the user has permission to perform some action. | |
| 214 | 217 |
| 215 | 218 |
| 216 Authentication of Users | 219 Authentication of Users |
| 217 ----------------------- | 220 ----------------------- |
| 218 | 221 |
| 234 - authenticate over a secure connection | 237 - authenticate over a secure connection |
| 235 - use unique tokens as a result of authentication, rather than pass the user's | 238 - use unique tokens as a result of authentication, rather than pass the user's |
| 236 real credentials (username/password) around for each request (this means | 239 real credentials (username/password) around for each request (this means |
| 237 sessions and hence a session database) | 240 sessions and hence a session database) |
| 238 - use the new logical control mechanisms | 241 - use the new logical control mechanisms |
| 242 - implement the permission module | |
| 243 - implement a Role editing interface for users | |
| 244 - implement htmltemplate tests on permissions | |
| 245 - switch all code over from using config vars for permission checks to using | |
| 246 permissions | |
| 247 - include config vars for initial Roles for anonymous web, new web and new | |
| 248 email users | |
| 239 | 249 |
| 240 The mail gateway must be changed to: | 250 The mail gateway must be changed to: |
| 241 | 251 |
| 242 - use digital signatures | 252 - use digital signatures |
| 243 - use the new logical control mechanisms | 253 - use the new logical control mechanisms |
| 244 | 254 - switch all code over from using config vars for permission checks to using |
| 255 permissions | |
| 256 | |
| 245 The command-line tool must be changed to: | 257 The command-line tool must be changed to: |
| 246 | 258 |
| 247 - use the new logical control mechanisms (only allowing write | 259 - use the new logical control mechanisms (only allowing write |
| 248 access by admin users, and read-only by everyone else) | 260 access by admin users, and read-only by everyone else) |
| 249 | 261 |
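
Review bot: The description string on line 196 still reads "User may access everthing" on both sides. Since this change already touches the adjacent line 195 to rename `aa` to `ae`, correct the spelling to "everything" here so the typo is not copied into the schema when the example is implemented. In the same block, the "User" role on line 197 is described as "A regular user, no privs" yet is granted `[wa, wr, ma, mr]`; reword the description so it matches the grant.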
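
Review bot: The paragraph added at lines 215-216 names ``hasPermission`` without giving its arguments, its return value, or what the caller does when the check fails, and "the code that matters" does not say which entry points must make the call. Suggest naming those entry points and showing one call. In the unchanged context just above (lines 210-213) the anonymous user defaults to the "User" role with the "No Rego" lookup commented out; "User" carries the two permissions "No Rego" omits (`wr` and `mr`), so the text should say that the default is the open-registration choice and "No Rego" the restricted one.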
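
Review bot: The item added at lines 245-246, repeated at 254-255 for the mail gateway, moves permission checks off config vars, while lines 247-248 add config vars for initial Roles; state that config vars remain only for selecting initial Roles so the two items do not read as contradictory. The command-line tool list (lines 259-260) gets no matching "switch all code over" item; add one or note that the tool has no config-var checks. The initial-Roles item also covers new email users but appears only in the first list, and the init() example at lines 210-213 still hard-codes the anonymous role instead of reading it from config.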
