Index: openacs-4/packages/acs-core-docs/www/object-system-design.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/object-system-design.html,v diff -u -r1.10 -r1.11 --- openacs-4/packages/acs-core-docs/www/object-system-design.html 28 Jun 2003 05:07:02 -0000 1.10 +++ openacs-4/packages/acs-core-docs/www/object-system-design.html 20 Aug 2003 16:20:16 -0000 1.11 @@ -84,7 +84,7 @@ that defines this table.
Until the implementation of the general permissions system, every OpenACS application had to manage access control to its data separately. Later on, a notion of "scoping" was introduced into the core data model.
"Scope" is a term best explained by example. Consider some -hypothetical rows in the address_book table:
... scope user_id group_id ... ... user 123 � ... ... group � 456 ... ... public � � ...
The first row represents an entry in User 123's personal address book, +hypothetical rows in the address_book table:
... scope user_id group_id ... ... user 123 � ... ... group � 456 ... ... public � � ...
The first row represents an entry in User 123's personal address book, the second row represents an entry in User Group 456's shared address book, and the third row represents an entry in the site's public address book.
In this way, the scoping columns identify the security context in which a @@ -861,5 +861,5 @@ type mechanism is a bit more complex, but in return it provides functionality on par with the old user/groups system in a more general way.
Pete Su generated this document from material culled from other documents by Michael Yoon, Richard Li and Rafael Schloming. But, any remaining lies -are his and his alone.
Document Revision # | Action Taken, Notes | When? | By Whom? | ||||||||||||||
0.1 | Creation | 9/09/2000 | Pete Su | ||||||||||||||
0.2 | Edited for ACS 4 Beta | 9/30/2000 | Kai Wu | ||||||||||||||
0.3 | Edited for ACS 4.0.1, fixed some mistakes, removed use of term
+are his and his alone.
|