Visual modelling of permissions

I have come into the habit of hand-sketching various diagrams for software I create. My software is mostly for the web. I use E-R diagramming for the data logic (model of MVC), and a personally invented diagram style for the interactions -- what pages lead to which other ones and what do they do, i.e. the views & controllers of MVC. This allows me to simplify the important concepts, eliminate the inconsistencies and highlight problem areas that need further investigation.

Now, I've been starting to look at an application that requires a fairly complicated system of permissions. Not really "big" -- just complicated -- with several permission "dimensions" where some permissions need to be created on the fly, and some be static.

I find myself wishing there was some simple way to diagram the permissions system, so that I can get the ideas out of my head in a clear form, and make sure there are no inconsistencies. Hence my question:

Has anybody seen/used any method of modeling permissions in a visual diagram?

Answers

The ls command uses color to denote permissions.

Also I would think on a whiteboard or PowerPoint, that since permissions link groups of users to files, that lines between the two or spatial grouping becomes a possibility.

I would model:

  • my users with their attributes on the one hand
  • my resources with their attributes on the other

Identify the key attributes (building blocks). Then start writing bullet-point rules e.g.:

  • managers in finance can approve up to X
  • managers in HR can edit employee records...
  • employees in HR can approve new accounts

What you're doing is building your authorization policies. Then you can consider factoring out parameters e.g. the department attribute / value.

From there, you want to build a tree/flow where the root would be the entry point, the level below would be the departments, the level below other attributes...

Example:

  • If the user is in purchasing{}
  • Else if the user in finance{}
  • Else if...

(but in a graphical tree-based way).

I use XACML for authorization which is policy/tree-based. You can then apply CSS to it (or XSLT) to get a graphical sense of the authorization. Check out my blog for samples: http://www.webfarmr.eu/2010/11/xacml-102-pimp-my-xacml-css/
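The rules-to-tree approach from the answer above, as an added example that is not part of the original answer: flat bullet-point rules are factored by department and role into a tree, checked for contradictory effects, and emitted as Graphviz DOT text for drawing. The attribute names, the sample rules and the deny-overrides, default-deny combining choice are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample rules: (department, role, action, resource, effect).
# Names and values are assumptions, loosely following the bullets above.
RULES = [
    ("finance", "manager", "approve", "purchase", "permit"),
    ("hr", "manager", "edit", "employee_record", "permit"),
    ("hr", "employee", "approve", "new_account", "permit"),
    ("hr", "employee", "approve", "new_account", "deny"),  # deliberate conflict
]

def build_tree(rules):
    """Factor flat rules into entry point -> department -> role -> leaf rules."""
    tree = defaultdict(lambda: defaultdict(list))
    for dept, role, action, resource, effect in rules:
        tree[dept][role].append((action, resource, effect))
    return tree

def find_conflicts(rules):
    """Return rule keys that carry both a permit and a deny effect."""
    effects = defaultdict(set)
    for *key, effect in rules:
        effects[tuple(key)].add(effect)
    return sorted(k for k, e in effects.items() if e == {"permit", "deny"})

def decide(tree, dept, role, action, resource):
    """Walk the tree; deny overrides permit, and no matching rule means deny."""
    leaves = tree.get(dept, {}).get(role, [])
    found = {e for a, r, e in leaves if (a, r) == (action, resource)}
    return "permit" if found == {"permit"} else "deny"

def to_dot(tree):
    """Render the tree as Graphviz DOT text."""
    lines = ["digraph policy {", '  root [label="entry point"];']
    for dept, roles in sorted(tree.items()):
        lines.append(f'  root -> "{dept}";')
        for role, leaves in sorted(roles.items()):
            node = f"{dept}/{role}"
            lines.append(f'  "{dept}" -> "{node}";')
            for action, resource, effect in leaves:
                lines.append(f'  "{node}" -> "{node}: {effect} {action} {resource}";')
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    policy = build_tree(RULES)
    print(to_dot(policy))
    print("conflicts:", find_conflicts(RULES))
```

The printed DOT text can be rendered with Graphviz (`dot -Tpng`), and the conflict list points at the leaves to review before the diagram is trusted.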




