[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: UU Database
As long we are on the same page in terms of functional requirements, I
think we'll be fine.
Few key points about this project:
1. It's open-source, which means there will be many istances of this
application running, most
of whilch we will not be controlling in any way at all. Thus, our own
production database will
have lot stricter requirements and far greater access restrictions then
what we will provide to
public - basically DBA job for each instance will be handled by local
DBAs ;-)
2. Developers have no business messing with production databases - they
can mess with
their own local instances. Thus I don't see a need for special developer
role.
3. "Object" sharing is one of key functions, and thus application-level
access control will be
somewhat more complex then in any other such application. This means we
need to work out
access control concepts that will ease management for Root(s), Object
creators/owners,
object editors, and object users (i.e. students, and people simply
reusing objects), without
encumbering actual work.
BTW, as far as "root" access goes - I am not yet sure, but I suspect
easiest thing to do
would be to write separate application, that would use completely
different access
to database, and use different access control methods (i.e. HTTPS+Basic
HTTP Auth, i.e. .htaccess)
Thing is - for 99.9% of things UU itself should not allow deletion of
objects (due to sharing)
However, under certain conditions we may still want to remove them. i.e.
someone posts
inappropriate materials, some courses created for testing purposes and
abandoned later,
so we may want to remove them, etc. So, to make everything as safe as
possible, we may
follow your idea - create a separate user, that will have delete access,
and create separate
"admin" application (or better said "admin subsystem" of UU
application), that will be responsible
for such tasks.
Just an idea to be commented on.
On another note. It seems like our access control and object sharing
sections of functional
spec could use some love. They are bit too terse at the moment.
Alexey Parshin wrote:
> Оно прояснится. С моей точки зрения - пока все более-менее
> оговаривается. С shared objects пока неясно. Но мы еще поговорим на
> эту тему. А так - я в выходные буду пытаться запустить Postgress, и
> посмотрю - что он может. Мне очень важно выполнить несколько жестких
> условий с самого начала, иначе потом получится неуправляемый монстрик.
> После того как они выполнены - и жить легче, и сторонние разработчики
> могут работать, не рискуя испохабить базу. В TTS я смог это сделать
> примерно на 80-90%. Та часть, которую я не контролирую жестко,
> причиняет примерно половину проблем.
--
Ilya A. Volynets-Evenbakh
Total Knowledge. CTO
http://www.total-knowledge.com