|Question about RBAC's "task" entity||Boaz Rymland||2/19/12 12:56 PM|
First question for this to-be-extremely-busy-mailing-list - yey!
Basically, I cannot fully understand Yii's RBAC definition of a "task".
I've written a forum post that explains my need in a good manner, I hope. Right here.
I'll be grateful if anyone can shed light on the subject... .
|Re: Question about RBAC's "task" entity||Waseem Hamshawi||2/19/12 3:36 PM|
I'm going to answer here too.. maybe it'll bring some life to the
As I understood, it's a matter of semantic and naming convention.
You choose how to divide/abstract the RBAC using roles, operations and
However, if you have a set of auth. items which have something
incommon, I would recommend creating a task (without bizrules) and
assignning operations as its children (with bizrules). i.e : task =>
manage members | operations=> edit member, add member, etc..
Again, it depends on the abstraction from your prespective. But the
most important thing is to be consistent, so you won't get into too
much troubles with complex systems.
> Right here<http://www.yiiframework.com/forum/index.php/topic/28993-what-exactly-...>
|Re: [yii-israel] Re: Question about RBAC's "task" entity||Boaz Rymland||2/19/12 11:09 PM|
Thanks for the double answer (finally - some traffic here! :-) .
I'm gonna wait for more answers on the official Yii forum. Maybe something will come out of there too.
As of now, indeed, I don't see more than semantic difference between an operation and a task, which points to either a bad design (over-design...) or that I missed it and a more fundamental difference do exists.
Why are you using role and tasks exclusively? To me, it seems more natural to use role and operation ("do something"). I spent several years in Drupal. Drupal uses simpler RBAC authorization system which contains roles and operations (the latter can be argued to be tasks but if you compare the actual permissions granted in drupal, meaning "create page", "update page", etc, those are very much the same operations demonstrated in Yii's docs).
|Re: Question about RBAC's "task" entity||Waseem Hamshawi||2/20/12 12:39 AM|
i'm not familiar with drupal's rbac, but if it seems more natural to
you then go for it :)
if you take a look at yii's class reference, you can see they are all
to be sure, I found now a post from Yii's main developer which can
clear things even more:
> As of now, indeed, I don't see more than semantic difference between an *
> operation* and a *task*, which points to either a bad design
> (over-design...) or that I missed it and a more fundamental difference do
|Re: [yii-israel] Re: Question about RBAC's "task" entity||Boaz Rymland||2/20/12 12:49 AM|
Yeah, that certainly adds some explanation: operations are meant to be a basic building block which is not viewable or mess-able by administrator. Developers are using them to compose "tasks" which are the entities that should be played with by site administrators. And tasks compose Roles.
That's a (one?) good way to grasp it I guess.
|Re: Question about RBAC's "task" entity||Waseem Hamshawi||2/20/12 1:01 AM|
yep, actually the best way to grasp it :) but eventually it's your
> On Mon, Feb 20, 2012 at 10:39 AM, Waseem Hamshawi <hamsh...@gmail.com>wrote:> >http://www.yiiframework.com/forum/index.php/topic/2313-rbac-confusion...
|Re: [yii-israel] Re: Question about RBAC's "task" entity||Boaz Rymland||2/20/12 1:25 AM|
posted an update on the Yii forum. I hope it will get more comments. Attaching to collective wisdom is a good behavior (note the intended technical terms ).
|Re: Question about RBAC's "task" entity||Waseem Hamshawi||2/20/12 1:37 AM|
hehe.. you forgot to add the "C" 's :)
> technical terms [?] ).
> < 1KViewDownload
|Re: [yii-israel] Re: Question about RBAC's "task" entity||Boaz Rymland||2/20/12 1:37 AM|
|Re: [yii-israel] Re: Question about RBAC's "task" entity||Boaz Rymland||2/21/12 11:47 AM|
After a couple of days it rolled in the background of my head I think that I would take your advice as I think that its good: given the definition of Operation, Task and Role as we discussed, and I got no further comments about this to get wiser, probably its most appropriate to use "tasks" mostly and "operation" only by developers, where appropriate. Since the latter doesn't come too often, I think, the design would probably be composed of Roles and Tasks.
Just my 2 agorot on this.