LiveUser
Draft todo list
1. Clean up all functionality in the Seagull Core related to user/rights implementation.
- Switch to the use of abstract classes.
- What kind of pattern should be used:
- Bridge (This seems to be the correct pattern. We have template engines that are using bridge pattern. - Andrey)
- Template
- Strategy
- Abstract Factory
2. Create a Bridge API which will be used by the SGL Core.
3. Implement the current SGL user/rights functionality for BC based on Bridge API and a feature that allows for the creation of an application/site without any users with the exeption of an admin and guest user.
4. Implement LU bridge
5. Create Admin GUI templates for LU Managers.
Tasks
1-3 - Andrey
4-5 - AJ
Adapted LiveUser Models
Thanks for the great graphics from GVN Group http://www.gvngroup.be/doc/LiveUser/index.php For full size images, please click the links at the bottom of the page.
Simple Level:
Assign rights directly to users
The simple level of permission is efficient for managing simple applications with few users.
With an increasing number of users and complexity of applications in terms of functional areas and rights, you will want to implement higher level of permission management.
The functional view
A first way of doing is by assigning directly a right to a user. This is an easy way of handling permissions. In this case we'll only use a subset of all LiveUser? concepts.
The technical view
Now we can slide from the functional point of view into the technical point of view.
The following graph illustrates what are the LiveUser? tables and the links that we need to build for assigning rights directly to a user.
Medium Level:
Assign rights to groups of users
An increasing number of users of a system will quickly limit the usage of the simple level of permissions. Assigning rights to a group of users requires less work than repeating the task for each user.
The functional view
In addition to all concepts described in the simple level, we can now also deal with group of users.
The technical view
Rights are assigned to groups. Users are made member of groups.
On a technical point of view, 2 more tables are used to make those links: «liveuser_grouprights» and «liveuser_groupusers».
Complex Level:
Advanced Features
When working with the next level of permission management, in addition to all concepts described in the simple and medium levels, the implied rights feature can also be used.
The functional view
The difference with the medium level is that:
- when a right is granted, the user may also automatically be granted another right. This is called an «implied right».
- sub-groups are also supported
The technical view
On a technical point of view, a new table is used to define the implied rights.
Seagull Version of the LiveUser? ERD
Includes Sequence tables.
= LiveUser? Authentication Process Sequence Diagram =
= LiveUser? Authentication Process Activity Diagram =
Attachments
- SimpleLU.gif (18.8 kB) -
Simple Functional View
, added by randy on 10/20/06 12:54:35. - SimpleLU_Tech.gif (51.5 kB) -
Simple Technical View
, added by randy on 10/20/06 12:54:57. - MediumLU.gif (23.0 kB) -
Medium Functional View
, added by randy on 10/20/06 12:55:25. - MediumLU_Tech.gif (74.2 kB) -
Medium Technical View
, added by randy on 10/20/06 12:55:37. - ComplexLU.gif (27.2 kB) -
Complex Functional View
, added by randy on 10/20/06 12:57:56. - ComplexLU_Tech.gif (83.5 kB) -
Complex Technical View
, added by randy on 10/20/06 12:58:14. - LiveUser_ERD.gif (45.3 kB) -
LiveUser? ERD
, added by randy on 10/20/06 17:20:19. - LiveUser_SGL_ERD.png (158.1 kB) -
Seagull Implementation ERD
, added by randy on 10/20/06 17:45:15. - LiveUserSequence.png (38.5 kB) -
LiveUserSequence?
, added by randy on 10/25/06 00:11:40. - LiveUserActivity.png (34.4 kB) -
LiveUser? Activity Diagram
, added by randy on 10/25/06 00:19:56.
