[higgins-dev] Access Control use case: HR Directory

Folks,

After the dev call on Thursday, I needed to go back and make some fixes to my earlier attempt to model this one use case: [1]. I’ve done so, and the result can be seen diagrammatically here: [2] -- you can read the “Notes” section for details. I also cut over to an improved diagramming style. I believe that this one picture now captures correctly the semantics required. Note that the “Myself_2” policy intentionally does not have a link to the ex:employeeId -- cuz I’m not allowed to modify that (unless I’m also a manager).

Gory details: To make everything work, I ended up having to add a second kind of link, but I think the result is a clean design. If the “resource” in question is an entire Entity instance or a class of Entities, then the “:operation” sub-attribute (e.g. “read” or “modify” etc.) link just points to the Entity instance or the Entity class (e.g. Employee in this case). If finer-grained, attribute-level control is required, then one or more “:onAttribute” links (whose values are the Attribute types in question) are added to restrict the coarser “:operation” (entity-level) semantics. This meant that I needed to break the third policy entity into two (“Myself_1” and “Myself_2”), but what I like is that there are fewer links in total despite richer semantics than the first attempt, and I was able to consolidate two diagrams into one partly as a result of this.

It will be interesting to see if this new approach holds up to the next use cases.

-Paul

[1] http://wiki.eclipse.org/Access_Control_Use_Cases#HR_directory repeated here:

Each person listed in the directory can:

    * read and modify ex:fullname and ex:email attributes of their own entry (Entity)
    * read ex:employeeId (and the above two kinds of attributes) of their own entry
    * read ex:fullname, ex:email and ex:employeeId of any other employee's entry (or HR dept person)

Members of the HR department (group) can:

    * edit all three kinds of attributes of every entry

[2] http://wiki.eclipse.org/HR_Directory_Access_Control_Policy – the diagram
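The following is an added illustration, not Higgins project code and not part of Paul's message: a minimal default-deny evaluator for the policy shape the post describes, where an ":operation" link targets an Entity instance or class and optional ":onAttribute" links narrow it to named attribute types. The subject-rule encoding ("self", "class:<name>", "group:<name>"), the way the "Myself_1"/"Myself_2" split is expressed, and the sample entries are assumptions made for the example; the policy set mirrors use case [1] as restructured in the post.

```python
from dataclasses import dataclass

# Added example, not Higgins code. Models the post's design: a Policy carries an
# entity-level :operation link (to an Entity id or an Entity class) plus zero or
# more :onAttribute links that restrict it to specific attribute types.


@dataclass(frozen=True)
class Entity:
    id: str
    cls: str                          # entity class, e.g. "Employee"
    groups: frozenset = frozenset()   # group memberships, e.g. {"HR"}


@dataclass(frozen=True)
class Policy:
    name: str
    subject: str            # assumed encoding: "self", "class:<cls>" or "group:<name>"
    operation: str          # the :operation sub-attribute, e.g. "read" / "modify"
    target: str             # an Entity id or an Entity class name
    target_is_class: bool   # True when the :operation link points at a class
    on_attributes: frozenset = frozenset()  # :onAttribute links; empty = whole entity


def subject_matches(policy, subject, entity):
    """Does the policy's subject rule hold for this (subject, entity) pair?"""
    if policy.subject == "self":
        return subject.id == entity.id
    if policy.subject.startswith("class:"):
        return subject.cls == policy.subject[len("class:"):]
    if policy.subject.startswith("group:"):
        return policy.subject[len("group:"):] in subject.groups
    raise ValueError(f"unknown subject rule {policy.subject!r}")


def policy_permits(policy, subject, entity, operation, attribute):
    """Entity-level :operation semantics, narrowed by :onAttribute links if present."""
    if policy.operation != operation or not subject_matches(policy, subject, entity):
        return False
    if policy.target_is_class:
        target_ok = entity.cls == policy.target
    else:
        target_ok = entity.id == policy.target
    if not target_ok:
        return False
    # No :onAttribute links: the operation covers the entire entity.
    # With links: only the listed attribute types are covered.
    return not policy.on_attributes or attribute in policy.on_attributes


def is_allowed(policies, subject, entity, operation, attribute):
    """Default deny: the request succeeds only if some policy permits it."""
    return any(policy_permits(p, subject, entity, operation, attribute) for p in policies)


ALL_ATTRS = frozenset({"ex:fullname", "ex:email", "ex:employeeId"})

# Constructed policy set for the HR directory use case.
HR_DIRECTORY_POLICIES = (
    # Myself_1: read all three attribute types of one's own entry
    Policy("Myself_1", "self", "read", "Employee", True, ALL_ATTRS),
    # Myself_2: modify own entry; deliberately no link to ex:employeeId
    Policy("Myself_2", "self", "modify", "Employee", True,
           frozenset({"ex:fullname", "ex:email"})),
    # Everyone listed in the directory: read the three attributes of any entry
    Policy("Everyone", "class:Employee", "read", "Employee", True, ALL_ATTRS),
    # HR group: modify every Employee entry at entity level (no :onAttribute links)
    Policy("HR", "group:HR", "modify", "Employee", True),
)

# Constructed sample entries.
alice = Entity("alice", "Employee")
bob = Entity("bob", "Employee")
hana = Entity("hana", "Employee", frozenset({"HR"}))


def check(subject, entity, operation, attribute):
    return is_allowed(HR_DIRECTORY_POLICIES, subject, entity, operation, attribute)


if __name__ == "__main__":
    print(check(alice, alice, "modify", "ex:email"))       # True  (Myself_2)
    print(check(alice, alice, "modify", "ex:employeeId"))  # False (no link)
    print(check(alice, bob, "read", "ex:employeeId"))      # True  (Everyone)
    print(check(alice, bob, "modify", "ex:fullname"))      # False
    print(check(hana, bob, "modify", "ex:employeeId"))     # True  (HR)
```

The point the split into "Myself_1"/"Myself_2" makes is visible in the second and last lines of the usage: a plain employee can modify their own ex:email but not their own ex:employeeId, because only the read policy links that attribute, while the HR policy's entity-level :operation link covers every attribute of every Employee entry without listing any.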
