Tcl in packages/acs-kernel
@@ -55,7 +61,7 @@
a given database row based on the information in that row.
Problems resulting from this piecemeal approach to permissions and access control were many, the two major ones being inconsistency, and repeated/redundant code. Thus the drive in -OpenACS 4 to provide a unified, consistent permissions system that +OpenACS 4 to provide a unified, consistent permission system that both programmers and administrators can readily use.
There are three essential areas in which all transactions in the -permissions system fall:
Modification of methods and privileges
Modification of permissions
Queries on permissions
"Modification of methods and
@@ -171,7 +177,7 @@
This is done by querying against acs_permissions.
The API to the permission system consists of a few well-known tables, plus a pair of PL/SQL procedures and a pair of Tcl functions.
Tables
acs_methods, acs_privileges, and acs_privilege_method_rules manage the set
@@ -209,13 +215,13 @@
returns true or false, the other presents an error page.
To receive a true or false value, Tcl code should call:
permission::permission_p -object_id $object_id -party_id $user_id -privilege $method
If the user_id argument is
-left out, then the currently logged in user is checked. To create
+left out, then the currently logged-in user is checked. To create
an error page, Tcl code should call:
permission::require_permission -object_id $object_id -privilege $method
These procedures are defined in acs-permissions-procs.tcl.
All users of the permission system are the same at the
user-interface level. If you have the administer_privileges method permission on
an object, then you may edit privileges for that object with the
UI.
The UI currently provides a list of all granted permissions on @@ -233,7 +239,7 @@ permissions UI, outlined below.
There are no configuration options for the permission system.