Wednesday, November 16, 2005

changing intentions

I've now written up (briefly) the imatch specs under the intentions page at www.compstrm.org. I've also split setup magic and user Folders into separate versions--the specs for user Folders may not be stable yet.

I've also been thinking about how the calendar should be secured. Yes, you could easily use the restrict command (it will take some time) to restrict write access to the entire calendar. But that's a rather large hammer. What if you want to allow updates to days and weeks, but not to months? What about preventing the creation/destruction of days? This is a big topic and I'm not even going to try to address it all in one go.

Now I like the new logic in the create commands, where we copy the parent's restrict tag onto the new child. But I think there is also a role here to be played by the du command. Lets define a new header in DescriptorUnits, "restrict". This header would name a role. And when du is used to assign a DescriptorUnit to a Topic, if the restrict header is present in that DescriptorUnit, then the restrict tag on the topic would be assigned the role named by that restrict header.

We can then also modify the restrict command to check for the presense of the restrict header in the DescriptorUnit of each topic it encounters and apply the header when present. (And propagate the new value down to subtopics as appropriate.) Of course, we'll want similar behavior in gencal and the new ark setup utilities.

This will give us a bit more flexibility in managing write-access, but will only come into play when there is a restrict header in a DescriptorUnit.

Any comments?

0 Comments:

Post a Comment

<< Home