Security is an important part of Obliquid. Various features and functions
of Obliquid are represented by Security Objects. Permission to access these
objects is assigned to a group. If a user is a member of a group that has
access to the object, then that user has access to the object. Since a user can
be a member of any number of groups, and any group can be given access to any
security object, security configuration is a complex task and should be done
carefully.

There are four different types of security objects defined in Obliquid.
- Navigation Page. A Navigation Page security object controls which
navigation icons and indexes a user sees. For example, the default installation
has a security object defined for "posts_admlistcats". If the user has access to
this security object, they will see a navigation icon which will take them to the
main administration page for POSTS administration. Note that if the user does
not have access to this security object, they can still type in the full URL
for the page and get to that page. What they actually see when the page is
displayed depends on their access to the slots that are defined on the page.
- Slot. This is the security object which controls most of the access
within Obliquid. If the user requests that a page is displayed, each slot on
that page is checked to make sure that the user has access to the slot. If the
user does not have access, the code for the slot is NOT executed, and nothing is
displayed in that slot location. So, even if the user types in a URL for a page
or function that they do not have access to, no code will be executed, and very
little will be displayed. Generally, the slot "core/nav" is available to everyone,
so this would display on the page.
- Operation. This type of security object is used to represent a logical
security item rather than a code construct such as a page or a slot. It is used
to add program checks within a page to provide finer-grained access control.
- Table/key. This security object is used to control access to a particular
key within a table. It is used by modules such as POSTS to control access
to a particular category within the POSTS module. The module that creates the
table entry should also create the Table/key entry and then let the user who
requested the new entry assign access rights to the desired groups.
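
The model below is an added example, not Obliquid's own code. It shows how group membership resolves to access, and why the Navigation Page object only hides an icon while the Slot check is what actually blocks execution. Assumptions: all function and class names, the groups, the implicit "everyone" group, the "posts/admlist" slot, the table key name and the default-deny rule for objects with no grant.

```python
from dataclasses import dataclass, field

# Constructed sample data. Only "posts_admlistcats" and "core/nav" come from
# the text above; groups, "posts/admlist" and the table key are hypothetical.
GRANTS = {
    ("nav", "posts_admlistcats"): {"editors"},
    ("slot", "core/nav"): {"everyone"},
    ("slot", "posts/admlist"): {"editors"},
    ("table_key", "posts:category:7"): {"sports_writers"},
}
PAGES = {"posts_admlistcats": ["core/nav", "posts/admlist"]}


@dataclass
class User:
    name: str
    groups: set = field(default_factory=set)


def has_access(user, obj_type, obj_name):
    """True if any group the user belongs to was granted the object.
    Objects with no grant entry are denied (assumed default deny)."""
    allowed = GRANTS.get((obj_type, obj_name), set())
    return bool(allowed & (user.groups | {"everyone"}))


def visible_nav_icons(user):
    """Navigation Page objects only decide which icons are listed."""
    return sorted(n for (t, n) in GRANTS if t == "nav" and has_access(user, t, n))


def render_page(user, page):
    """Direct URL request: the page itself is reachable, but every slot is
    checked and the code of a denied slot is never run."""
    executed = []
    for slot in PAGES[page]:
        if has_access(user, "slot", slot):
            executed.append(slot)  # stand-in for running the slot's code
    return executed


def slots_wider_than_nav(page):
    """Review aid: slots runnable by groups that do not see the page's icon.
    For these, a typed URL is enough, so each one must be meant to be open."""
    nav_groups = GRANTS.get(("nav", page), set())
    wider = {s: GRANTS.get(("slot", s), set()) - nav_groups for s in PAGES[page]}
    return {s: g for s, g in wider.items() if g}
```

Running `slots_wider_than_nav` over every page of an installation gives the list of slots to review before relying on a hidden icon.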