wiki:GROUP_BASE_SECURITY_R0

Version 1 (modified by boyan, 16 years ago) (diff)

--

Error: Macro BackLinksMenu(None) failed
compressed data is corrupt

Error: Macro TicketQuery(summary=GROUP_BASE_SECURITY_R0, format=table, col=summary|owner|status|type|component|priority|effort|importance, rows=description|analysis_owners|analysis_reviewers|analysis_score|design_owners|design_reviewers|design_score|implementation_owners|implementation_reviewers|implementation_score|test_owners|test_reviewers|test_score|) failed
current transaction is aborted, commands ignored until end of transaction block

Analysis

Overview

This group of tasks covers the basic security model of Sophie, in particular users and groups. At this revision of the task, users and groups will be implemented as resources and the server application should use the new model.

Task requirements

  • Define and implement a basic security model for users and groups as resources:
    • A user should keep:
      • username (required)
      • password (required)
      • email (required)
      • full name
      • birthdate
      • description (about me)
    • A group should have:
      • name (required)
      • description
    • A user can belong to multiple groups (or to no group at all).
  • Change the server application to use the newly defined model.
  • Ensure that registration and login work through the web user interface.
  • At this revision, persistence is not required. You can keep information about the users and groups in memory.

Task result

Source code

Implementation idea

  • Create a new module - base.model.security to hold the security model (this will include permissions at a later stage).
  • Take a look at the current server implementation of users and groups.
  • Groups can have a list of the users in the group. Users do not necessarily need to have a property, holding their group.

(Add links to related tasks that could be useful or helpful.)

How to demo

  • Run the server application and create a user.
  • Login with that user and display the user info.

Design

Describe your design here.

Implementation

Describe and link the implementation results here (from the wiki or the repository).

Testing

Place the testing results here.

Comments

Write comments for this or later revisions here.