Index: openacs-4/packages/acs-core-docs/www/xml/developers-guide/permissions-tediously-explained.xml
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/xml/developers-guide/permissions-tediously-explained.xml,v
diff -u -r1.4 -r1.5
--- openacs-4/packages/acs-core-docs/www/xml/developers-guide/permissions-tediously-explained.xml 11 Dec 2003 21:39:48 -0000 1.4
+++ openacs-4/packages/acs-core-docs/www/xml/developers-guide/permissions-tediously-explained.xml 11 Nov 2004 21:23:44 -0000 1.5
@@ -599,114 +599,39 @@
Privilege Hierarchy
- Privileges are also organized hierarchically. In addition to the five main system privileges
- defined in the ACS Kernel data model, application developers may define their own. For instance,
- the Bboard package defines the following privileges:
+ Privileges are also organized hierarchically. In addition to
+ the five main system privileges defined in the ACS Kernel data
+ model, application developers may define their own. Note,
+ however, that this is no longer recommended practice.
-
-
-
-
-
- privilege
-
-
-
-
- create_category
-
-
- create_forum
-
-
- create_message
-
-
- delete_category
-
-
- delete_forum
-
-
- delete_message
-
-
- moderate_forum
-
-
- read_category
-
-
- read_forum
-
-
- read_message
-
-
- write_category
-
-
- write_forum
-
-
- write_message
-
-
-
-
-
- By defining parent-child relationship between privileges, the OpenACS data model
- makes it easier for developers to manage permissions. Instead of granting
- a user explicit read, write, delete,
- and create
- privileges on an object, it is sufficient to grant the user the admin
- privilege to which the first four privileges are tied. To give
- a more detailed example, the Bboard privileges are structured
- as follows.
+ By defining parent-child relationship between privileges, the
+ OpenACS data model makes it easier for developers to manage
+ permissions. Instead of granting a user explicit
+ read, write,
+ delete, and create
+ privileges on an object, it is sufficient to grant the user the
+ admin privilege to which the first four
+ privileges are tied. Privileges are structured as follows.
-
+
-
-
-
-
-
-
-
-
-
- admin
+ admin
- create
- delete
- read
- write
- moderate forum
+ create
+ delete
+ read
+ write
-
- create category
- create forum
- create message
- delete category
- delete forum
- delete message
- read category
- read forum
- read message
- write category
- write forum
- write message
-
@@ -1172,7 +1097,8 @@
Security information is queried by calling the acs_permission.permission_p
- function in OpenACS 4.x.
+ function in OpenACS 4.x+. This is accessible from Tcl via the
+ permission::permission_p procedure.