diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-08-28 18:18:37 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-08-28 18:18:37 +0000 |
| commit | d69c917ca3656481802e8a41177e4e73f04bd054 (patch) | |
| tree | fb8eb8f51677e7aa63e28a962186dac5fe1a2cc2 /docs/design-acl | |
| parent | 74063a8a3827140348e140ffdd43879ec6e02d04 (diff) | |
Standardize on terminology. Each component of an ACL is called an entry.
Diffstat (limited to 'docs/design-acl')
| -rw-r--r-- | docs/design-acl | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/docs/design-acl b/docs/design-acl index f8daad4..d2ddb32 100644 --- a/docs/design-acl +++ b/docs/design-acl @@ -5,20 +5,20 @@ Introduction This is a description of the ACL layer of the wallet implementation. This is a specification of the expected behavior of the ACL implementation and includes the syntax and semantics of ACL strings - used in the database. The ACL strings used by the wallet are intended + used in the database. The ACL entries used by the wallet are intended to be an extensible format to which additional ACL backends may be added as needed. When new ACL backends are added, they should be described here. Syntax - An ACL in the wallet consists of two pieces of data, a <scheme> and an - <instance>. <scheme> is one or more characters in the set [a-z0-9-] - that identifies the ACL backend to use when interpreting this ACL. - <identifier> is zero or more characters including all printable ASCII - characters except whitespace. Only the implementation of <scheme> - knows about the meaning of <identifier>. <identifier> may include - zero or more users. + An ACL entry in the wallet consists of two pieces of data, a <scheme> + and an <instance>. <scheme> is one or more characters in the set + [a-z0-9-] that identifies the ACL backend to use when interpreting + this ACL. <identifier> is zero or more characters including all + printable ASCII characters except whitespace. Only the implementation + of <scheme> knows about the meaning of <identifier>. <identifier> may + include zero or more users. Semantics @@ -28,13 +28,13 @@ Semantics Whenever there is a question about whether a user is permitted an action by a particular ACL, the following verification algorithm is - used: Iterate through each ACL string on the ACL in question. If the - ACL string is malformatted or the scheme is not recognized, skip it. + used: Iterate through each ACL entry in the ACL in question. If the + ACL entry is malformatted or the scheme is not recognized, skip it. Otherwise, dispatch the question to the check function of the ACL implementation, passing it the principal identifying the client and - the <identifier> portion of the ACL string. This function returns + the <identifier> portion of the ACL entry. This function returns either authorized or unauthorized. If authorized, end the search; if - unauthorized, continue to the next ACL string. + unauthorized, continue to the next ACL entry. There is no support in this scheme for negative ACLs. |