Features, information, and bug reports.
Account Manager 4.X design and update notes. This is a placeholder for future tasks.
Stephen W. Cote
Added /DWAC/ Handler for basic CRUD operations.
Each user with a SoftwareExporter role will get a ~/DWAC/ DirectoryGroup (in Account Manager 4's DB structure), and within have DistributedComponents, Templates, Fragments, and Components DirectoryGroup groups.
Stephen W. Cote
Updated SecureAccessLayer to include more authorization checks. The rather organic policy engine is pretty generic with the SAL providing the enforcement point.
I lowered the restrictions for the ForumHandler. In an ideal world, I would open up the admin tool and just allow read access to everyone for non-restricted forum topics. However, Account Manager 4 doesn't support the generic 'Everyone' of unauthenticated users when evaluating role and group participation or permission affects. Therefore, it was necessary to change the AuthenticationRequired bit on the ForumHandler, and update the static control renderer to hide features for unauthenticated users. On the server-side, the same policy checks take place to determine if an authenticated user is authorized to perform the requested action.
Security implementation is presently "left to the student" - it's present, but not all checks are implemented in SecureAccessLayer.
Security related to Role, Account, and Data objects should be wrapped by a centralized policy that can be reused via common or standard APIs (eg: JAAS, if this were Java).
Create a generic IO handler for object browsing.
This should be broken up into separate handlers for groups, data (use MediaHandler), accounts (currently handled in Admin.aspx.cs), and organizations.
The current work on the DWACHandler necessitates a number of these changes, so the choice is to do the extra work ahead of time, or just finish DWACHandler, which may be a better use of time at the moment.
For factories: Account, Data, Group - expose a unified view to return objects composted with participation policies (eg: Roles, Tags, Groups, Affects).
Reconsider caching - at present, it's at the factory level. However, non-deterministic collections of participations are not cached.
Normalize data table schema to move binary and short varchar data into separate addressable tablespaces.
[ Copyright Stephen W. Cote, 2000 - 2009. Forum Content is Copyright by the indicated owner. ]