headers
Lukas Renggli | 1 May 2006 19:22
Picon
Picon
Favicon

Re: Security (was: Re: Pier user in context)

> Yes, I know that this is a common way to think. What bothers me is
> this (from a naive point of view):
>
> - security should not something which is only be added (thats the
> nature of decoration), because what was added can also be removed or
> forget to add.

Well, as soon as the unix security package is loaded, the security  
decoration adds itself automatically to all newly created structures.  
There is no easy way, except by manually editing the object-graph  
from the inspector, to add or remove security decorations.

> It seems more natural to me that security is deep in
> the mechanism of objects (or better message send), like the vats in E
> or Islands in Croquet.

In my opinion this is something different. I want to keep as much as  
possible pluggable in Pier, so that users with different needs can  
use different security systems. There are already two security  
frameworks that both work nicely, that both have advantages and  
disadvantages, and that every user can decide to use or not to use.

> - if one say model or buisness logic, one could easily think at the
> multi tier architectures. Here it is a common way to say, security
> must handled be the database objects (for example), not by the
> objects which are only a viewer. My problem is 1) that these viewers
> are mediators of security and 2) that in complex systems  this
> viewers can be itself complex object with model-view architecture.

In Pier the security is not handled by the view, but by the model.
(Continue reading)

Permalink | Reply |
headers
Hans N Beck | 1 May 2006 20:14
Picon
Favicon

Re: Security (was: Re: Pier user in context)

Hi,

>
>> - if one say model or buisness logic, one could easily think at the
>> multi tier architectures. Here it is a common way to say, security
>> must handled be the database objects (for example), not by the
>> objects which are only a viewer. My problem is 1) that these viewers
>> are mediators of security and 2) that in complex systems  this
>> viewers can be itself complex object with model-view architecture.
>
> In Pier the security is not handled by the view, but by the model.
> That is also the reason why it works in the Seaside view and in the
> OmniBrowser view without additional code.

Yes, this is clear (because decorators are part of model) if looking  
at "Seaside only" solutions. My statement above was made by thinking  
Seaside/Pier itself as a view in a greater solution. But ok, where to  
draw the borders between model and view may be somewhat academic :-)

>>
>
> Hope this clarifies some things,

Oh, I understand the implementation in Pier, and also the intention.  
I only want to play with a different point of view ;-)

>
> Side-note: I do not claim that the security model of Pier is secure
> and impossible to break, as with everything I write as open-source it
> suits my personal needs. Bug-reports, fixes and enhancements are
(Continue reading)

Permalink | Reply |
headers
Ramon Leon | 2 May 2006 04:18
Picon

Tasks

Lucas, is there a particular reason that Pier doesn't allow WATask 
subclasses to be added as components?

_______________________________________________
SmallWiki, Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki
Permalink | Reply |
headers
Lukas Renggli | 2 May 2006 07:19
Picon
Picon
Favicon

Re: Tasks

> Lucas, is there a particular reason that Pier doesn't allow WATask
> subclasses to be added as components?

Actually subclasses of WATask should work. In some older versions of  
Pier there was a bug that a WATask rendered empty on the first  
request, however I think this problem is solved in current versions  
of Pier.

Can you give some more details about your task?

Cheers,
Lukas

--

-- 
Lukas Renggli
http://www.lukas-renggli.ch

_______________________________________________
SmallWiki, Magritte, Pier and Related Tools ...
https://www.iam.unibe.ch/mailman/listinfo/smallwiki
Permalink | Reply |

Gmane