Checklist for 2.1.0 ("Access Control")
-
Rename directories from acl
toaccess
-- lists, rules, rights are special terms -
Rename library from liba2acl.so
toliba2access.so
-
Rename liba2id.so
toliba2identity.so
-- makes sense externally and is consistent -
Document ACCESS.MD
akin toIDENTITY.MD
-
Align identifiers; we have a2xs_
acldb_
a2acl_
a2aclc_
a2aclr_
-
Key derivation: function names; keylen; separate from "production flow" functions -
Report error codes in errno for a2xs -
Insert a "trunk" or "Access Group" in the database; struct acldb default is 0 -
Check if LMDB integer keys are really more compact (no size per key)No concern, integers are useful with hashed keying -
Check if LMDB integer keys are not "too portable" and get reversedNo concern, we will not assume portable databases -
Document pattern and a few Access Types: attrs, rights, triggers -
Generic function likeAccess Type specific wrappers like Communcationa2xs_getrights()
, much like currenta2xs_communication()
-
Simple algebra for Access Rights:AccessRights RW+CD/RWCDKP
-
Access Rules might need to be fixed-coded in (simple-entry) applications
Edited by Rick van Rein