Re: [platform-ui-dev] Role based development using Contexts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [platform-ui-dev] Role based development using Contexts

From: Tod Creasey <Tod_Creasey@xxxxxxxxxx>
Date: Mon, 22 Sep 2003 16:40:28 -0400
Delivered-to: platform-ui-dev@xxxxxxxxxxx
List-archive: <http://dev.eclipse.org/pipermail/platform-ui-dev/>
List-help: <mailto:platform-ui-dev-request@eclipse.org?subject=help>
List-subscribe: <http://dev.eclipse.org/mailman/listinfo/platform-ui-dev>, <mailto:platform-ui-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <http://dev.eclipse.org/mailman/listinfo/platform-ui-dev>, <mailto:platform-ui-dev-request@eclipse.org?subject=unsubscribe>

Alex

There is work to this effect already going on for 3.0. Please see 
http://dev.eclipse.org/viewcvs/index.cgi/%7Echeckout%7E/platform-ui-home/roles/index.html 
where we will be keeping the documentation on the plan for roles support 
(and instructions on how to use it) throughout the 3.0 cycle.

What we are currently working on is very similar to what you suggest but 
still in the early stages. Your feedback would be most appreciated.

Tod





Alex Weirig <aweirig@xxxxxxxxxxxxx>
Sent by: platform-ui-dev-admin@xxxxxxxxxxx
09/22/2003 04:30 PM
Please respond to platform-ui-dev

 
        To:     platform-ui-dev <platform-ui-dev@xxxxxxxxxxx>
        cc: 
        Subject:        [platform-ui-dev] Role based development using Contexts



Hello,

I was wondering if one could implement a role based development approach
using contexts. Indeed, from what I read, contexts should simplify the
use of Eclipse by showing to user only the views, wizards, commands etc
that are relevant to his current needs (based on cotexts he enters or
leaves). But IMHO what is missing, is a restriction for the user to only
"see" the contexts he is supposed or allowed to use, based on some
corporate decisions.

Using this role based development approach, a developer should only be
allowed to see the contexts he is supposed to use and none of the
others. This would  the mean that he wouldn't even be allowed to open
anything not covered by his contexts (no views, no perspectives, no
wizards, no commands). I thought that a role could be defined in two ways:
1) By including all the contexts the user is allowed to use. Basic
example, a java developer would use the Java context, the debugging
context and the JSP Tag lib context.
<role>
    <name>
       Java Developer
    </name>
    <description>
       This role will develop all kind of Java software
    </description>
    <mode>
       include
    </mode>
    <context>
       Java
    </context>
    <context>
       Debugging
    </context>
    <context>
       JSP Tag lib
    </context>
</role>
2) By excluding all the contexts the user is not allowed to use. Basic
example, a generic developer would have access to any context except for
Application Design, Analysis and DB design...
<role>
    <name>
       Any Developer
    </name>
    <description>
       This role will develop any kind of software
    </description>
    <mode>
       exclude
    </mode>
    <context>
       Application Design
    </context>
    <context>
       Analysis
    </context>
    <context>
       DB design
    </context>
</role>

Of course a developer could belong to one or several roles.

Before allowing a user the get into a context the following code could
be executed to check whether a context is accessible for this user based
on his roles:

boolean checkIfContextIsAllowed(Context destinationContext , boolean
checkForAllRoles) {
    // The checkForAllRoles would indicate whether, for a given user we
want to make sure that
    // a context disallowed for one role but allowed for some other role
(or vice versa) would
    // be checked and thus the correct restriction applied. This data
would be retrieved from
    // some user profile database as would be this list of roles a user
belongs to

    // By default, we will return true so that we don't change the
current behaviour where every
    // context is available to every user
    boolean result = true;
    roles = Workbench.getRoles();
    if (roles != null) {
       for (Iterator roleI = roles().iterator() ; roleI.hasNext();) {
          Role role = (Role)roleI.next();
          contexts = role.getContexts();
          mode = role.getMode();
          if (mode == include) {
             if (contexts.contains(destinationContext) {
                result = true;
                if (!checkForAllRoles) {
                   break;
                }
             }
          } else if (mode == exclude) {
             if (contexts.contains(destinationContext) {
                result = false;
                if (!checkForAllRoles) {
                   break;
                }
             }
          }
       }
    }
    return result;
}
Rather than using the checkForAllRoles, an additional option could be
defined for each context in the role definition that would indicate
whether this context should be "forced" (either included or excluded) no
matter what other roles might indicate for that given context. By
default the context would be allowed/disallowed based on the first
definition found.

In a later version, it should also be possible to build roles
using/including other roles.

Please let me know what you think of this concept.

Kind regards

Alex Weirig




_______________________________________________
platform-ui-dev mailing list
platform-ui-dev@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/platform-ui-dev

Prev by Date: [platform-ui-dev] Role based development using Contexts
Next by Date: [platform-ui-dev] vote for new committer - douglas pollock
Previous by thread: [platform-ui-dev] Role based development using Contexts
Next by thread: [platform-ui-dev] vote for new committer - douglas pollock
Index(es):
- Date
- Thread

Breadcrumbs