Subject Re: [firebird-support] Re: how to determine User role
Author Milan Babuskov
Anderson Farias wrote:
> Actually I understand that. My point is that I find this concept *limited*.
> Having to select a 'hat' before your 'journey' (sometimes without even
> knowing what the options are, look at the message that originated this
> thread) IS NOT better at all than having all your "granted" hats with you

It all depends. I find roles to be very useful. For example, if you're a
system admin. and some of the users complain that something doesn't work
properly for them. Now, instead of asking for their password, you simply
take the 'regular-user' hat, log in with your own user/pass and test the
application to see what the problem is. Of course, one should design
application security in such a way that this can actually be usable.
Adding it as an ad-hoc thing is probably not going to work nicely.

> And users would have all its
> granted rights without having to logoff/login (if I have the right, WHY
> should I have to do that??

Because your sysadmin doesn't like to trace the log of what you did if
you can morph from one role into another.

Also, clean role separation allows clean application design. Imagine
being able to change the role at any time. What would the use cases for
such an application look like? When you have separate roles, you can easily
design the application by using typical use cases (roles) and you can
easily design security for each use case (role). If the user were able
to change the role in the middle, it would break the flow, and make the
application design much harder.

It seems you only want roles to simplify the actual granting operation
(which could be quite easily done via an external application). If you look
into it deeper, you'll see that having 'groups' of users for easier
grant assignment is rather easy to implement in an external app., while
something like roles would require application logic in all applications
using the database. Coding one application to manage the groups is much
easier than coding the roles logic in all applications.

> I'm not saying it's wrong, I understand how it works and IMO, it can (and
> should) be *enhanced* -- by the time it gets important enough to get into
> FB development's tight schedule, already full of great and (probably) more
> important enhancements.

IMHO, the way roles work is perfect. If anything should be changed, it is
adding a new feature called "groups" or something like that, which would
only serve for aggregation of privileges.

--
Milan Babuskov
http://www.flamerobin.org
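The role mechanism the reply describes (privileges granted to a role, the role handed to several users, the "hat" chosen at connect time, and the chosen role visible for logging), written out as an added Firebird SQL example. This is not code from the thread or from the Firebird project; the table names CUSTOMERS and CUSTOMER_AUDIT, the role REGULAR_USER and the users JOE and ADMIN1 are constructed placeholders, the database path and the admin password are placeholders you would substitute, and the script assumes Firebird 1.5 or later run from isql.

```sql
-- Added example, not from the thread.  Run as the database owner / SYSDBA.
-- All object and user names below are constructed placeholders.

-- The table the regular-user "hat" is allowed to work on.
CREATE TABLE CUSTOMERS (
    ID   INTEGER NOT NULL PRIMARY KEY,
    NAME VARCHAR(60)
);

-- Audit table: records WHICH ROLE performed each change, which is what
-- makes the sysadmin's "borrow the hat" test traceable in the log.
CREATE TABLE CUSTOMER_AUDIT (
    AT_TS     TIMESTAMP,
    AT_USER   VARCHAR(31),
    AT_ROLE   VARCHAR(31),
    AT_ACTION VARCHAR(6)
);

SET TERM ^ ;
CREATE TRIGGER TR_CUSTOMERS_AUDIT FOR CUSTOMERS
AFTER INSERT OR UPDATE OR DELETE
AS
BEGIN
    -- CURRENT_ROLE is 'NONE' when the session attached without a role.
    INSERT INTO CUSTOMER_AUDIT (AT_TS, AT_USER, AT_ROLE, AT_ACTION)
    VALUES (CURRENT_TIMESTAMP, CURRENT_USER, CURRENT_ROLE,
            CASE WHEN INSERTING THEN 'INSERT'
                 WHEN UPDATING THEN 'UPDATE'
                 ELSE 'DELETE' END);
END^
SET TERM ; ^

-- 1. Privileges are granted to the role, never to individual users.
CREATE ROLE REGULAR_USER;
GRANT SELECT, INSERT, UPDATE ON CUSTOMERS TO REGULAR_USER;
GRANT INSERT ON CUSTOMER_AUDIT TO REGULAR_USER;

-- 2. The role is handed to everyone who may wear that hat:
--    the normal user, and the sysadmin for troubleshooting only.
GRANT REGULAR_USER TO JOE;
GRANT REGULAR_USER TO ADMIN1;

COMMIT;

-- 3. The hat is chosen at connect time.  The admin uses HIS OWN password;
--    JOE's password is never needed (isql CONNECT syntax).
CONNECT 'localhost:/path/to/example.fdb'
    USER 'ADMIN1' PASSWORD '<admin password>' ROLE 'REGULAR_USER';

-- 4. "How to determine the user's role": the session can simply ask.
--    Expected row here: ADMIN1, REGULAR_USER
SELECT CURRENT_USER, CURRENT_ROLE FROM RDB$DATABASE;

-- 5. Reproduce the user's complaint under the regular-user hat.
--    The audit row will show AT_USER = ADMIN1, AT_ROLE = REGULAR_USER,
--    so the log distinguishes the admin's test from JOE's real activity.
INSERT INTO CUSTOMERS (ID, NAME) VALUES (1, 'test row');
SELECT AT_USER, AT_ROLE, AT_ACTION FROM CUSTOMER_AUDIT;
COMMIT;
```

Because the role is fixed for the lifetime of the attachment, every audit row written during the admin's test carries the same AT_ROLE; that is the property the reply relies on when it says the sysadmin does not want users morphing from one role into another mid-session. An application that needs to behave differently per role reads CURRENT_ROLE once after connecting rather than re-checking on every statement.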