The access-control tag has no wiki summary.
1
vote
0answers
24 views
Restrictive routing best practices for Google App Engine with python?
Say I have a simple structure:
app = webapp2.WSGIApplication([
(r'/', 'pages.login'),
(r'/profile', 'pages.profile'),
(r'/dashboard', 'pages.dash'),
], debug=True)
Basically all pages ...
0
votes
0answers
56 views
Using a Finite State Machine for access management?
My intranet site uses LDAP and Active Directory to authenticate users. There are 2 kinds of Users: Managers and Employees. They are differentiated by having membership in a particular AD group.
In an ...
6
votes
1answer
357 views
What is the nicest (user-friendliest) way to tell a user about “Access Denied” error?
Our software implements a layer of role-based security to secure data access, in the form of access control lists. Whenever a user tries to do something that isn't allowed, the software layer will ...
0
votes
1answer
232 views
How to implement a hybrid role-based access control model?
I am writing an enterprise web-forms-frontend application for in-house use. It has Direct access control (DAC) masquerading as Role-based access control (RBAC).
For anonymization purposes, let's ...
2
votes
1answer
124 views
Should I manage authentication on my own if the alternative is very low in usability and I am already managing roles?
As a small in-house dev department, we only have experience with developing applications for our intranet. We use the existing Active Directory for user account management. It contains the accounts of ...
4
votes
2answers
143 views
What kind of permission is this? (Groups+Roles)
I'm starting to need an access control for roles in my app.
I don't know much of this, but I understand how vBulletin works:
I create groups, then give permissions to groups.
I think that what I ...
4
votes
1answer
287 views
Methodologies for Managing Users and Access?
This is something I'm having a hard time getting my head around. I think I might be making it more complicated than it is.
What I'm trying to do is develop a method to store users in a database with ...
1
vote
1answer
176 views
Control a microwave from my computer [closed]
Is there anyways I can take apart a microwave (any kind) and some how plug it into my computer and control it from my computer? Where to start... where to start...
5
votes
4answers
499 views
Why do organizations limit source code access to engineers? [closed]
Most organizations restrict access to the source code to engineers, and even at places like Google, the Android source code is kept off-limits to most engineers within the company. Why?
Note: I am ...
2
votes
1answer
75 views
What is a good overview of options for access controls/permissions?
I'm in the process of designing the access control portion of a moderately complex application, but I feel like I'm re-discovering a lot of wheels.
Does there exist a good overview of the "access ...
2
votes
1answer
227 views
How to Implement Restricted Access to Application Features
I'm currently developing a web application, that provides some 'service' to the user. The user will have to select a 'plan' according to which she/he will be allowed to perform application specific ...
2
votes
2answers
182 views
Duplication of view access control logic in database queries and application component
Our web application has a complex access control system which incorporates role-based and object-level privileges.
In the business logic layer, this is implemented by a component that obtains (and ...
2
votes
2answers
192 views
Coding user rights
Imagine a system which has a number of functions and a number of users. A user must have rights to a specific function. Users may belong to a group. A group may belong to a group.
So as a simple ...
