Mercurial > p > roundup > code
changeset 875:d19dd123bda2
just some formatting and a minor clarification.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Wed, 17 Jul 2002 21:44:14 +0000 |
| parents | b9da8729d8ff |
| children | 2ccfd7fa0099 |
| files | doc/security.txt |
| diffstat | 1 files changed, 5 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/security.txt Wed Jul 17 13:28:37 2002 +0000 +++ b/doc/security.txt Wed Jul 17 21:44:14 2002 +0000 @@ -2,7 +2,7 @@ Security Mechanisms =================== -:Version: $Revision: 1.8 $ +:Version: $Revision: 1.9 $ Current situation ================= @@ -260,7 +260,8 @@ where the require attribute gives a comma-separated list of permission names which are required, and the node attribute gives a comma-separated list of node properties whose value must match the current user's id. Either of these -tests must pass or the permission check will fail. +tests must pass or the permission check will fail. The section of html within +the side of the ``<else>`` that fails is remove from processing. Authentication of Users @@ -286,6 +287,7 @@ real credentials (username/password) around for each request (this means sessions and hence a session database) - use the new logical control mechanisms + - implement the permission module - implement a Role editing interface for users - implement htmltemplate tests on permissions @@ -298,6 +300,7 @@ - use digital signatures - use the new logical control mechanisms + - switch all code over from using config vars for permission checks to using permissions