Advanced Access Control Libraries [closed] - php

Closed. This question is off-topic. It is not currently accepting answers.
Closed 10 years ago.
I am interested in performing advanced access control for users to access resources within software systems. I work in healthcare IT and a younger me has frequently underestimated the complexity of role-based access control in healthcare. But this question should apply to anyone with complex ACL requirements.
For quite some time php gacl has been my go-to library for the purposes of handling the very complex ACL control issues inside Health IT systems. But I am now working more with javascript in general and node specifically. I have searched npm for libraries to do Access Control in a generalizable way.
I would like to have support for defining actions rather than merely users and resources (3-tier instead of 2) and I would like to have user, action and resource groups, and by implication I would like to have ACL inheritance.
The classic examples from the Star Wars themed manual to that library are rules like:
All members of the crew have (visit, configure, and use) access to the guns, engines, cockpit and lounge, except for Chewie.
All droids have (visit and use) access to the cockpit, but only R2D2 has configure access to the engines.
Han has all types of access to all types of resources.
The basic concepts here include the notion that you can make rules that apply to either groups of users (i.e. crew, passengers or droids) or individuals (Han, and Chewie), that you can have different types of access (visit, configure, use) or groups of access (maintenance access = configure + repair + use) to different resources (engine and cockpit) which could also be grouped (battle-stations = cockpit + guns).
This allows for the configuration of extraordinarily complex access control rules, with relatively simple group-based administration.
So far, I have seen nothing like this outside of php-gacl. I have taken a look at the wonderful javascript based ACL projects and all of them advertise simplicity and ease of use rather than comprehensiveness. This is also true of other typical php ACL libraries (i.e. Zend ACL).
Is someone working on an "advanced ACL" project for node? Is there perhaps a much better approach that I should be looking for somewhere?
php-gacl comes with three parts, one is a php-based admin GUI (that is admittedly over-complex), and an API for CRUD on the rules (that could be easily converted to a REST interface I think) and a very small file that provides ACL checking functionality.
Technically, only the last type would need to be fully ported over to node in order for that software model to work?
On a deeper level, I want to understand what approaches have been used successfully to handle this problem. How is this problem typically solved? Bonus points for those who effectively discuss this problem in terms of node/javascript and perhaps even a particular database approach (relational vs non-relational). I understand that there are lots of theoretical underpinnings for doing this right/wrong (i.e. lots of opinion over RBAC, vs ACL). What I want is something theoretically solid, or almost-solid that still "just works" from a library standpoint. I am focused on Javascript, but it would be nice to understand how other languages are practically solving this problem.
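The Star Wars rules from the question, evaluated by a small three-tier (user, action, resource) checker in JavaScript. This is an added example, not part of the original post and not php-gacl's code or algorithm; the group membership (including c3po and the all-actions / all-resources groups) and the resolution rule (most specific rule wins, deny wins ties, default deny) are assumptions.

```javascript
// Constructed group membership for the three tiers. A member may be a leaf
// name or another group, which is how rules are inherited down the tree.
const groups = {
  user: { crew: ['han', 'chewie'], droids: ['r2d2', 'c3po'] },
  action: {
    maintenance: ['configure', 'repair', 'use'],
    'all-actions': ['visit', 'maintenance'],
  },
  resource: {
    'battle-stations': ['cockpit', 'guns'],
    'all-resources': ['battle-stations', 'engines', 'lounge'],
  },
};

// The rules quoted in the question. Each tier lists selectors (leaves or groups).
const crewActions = ['visit', 'configure', 'use'];
const crewResources = ['guns', 'engines', 'cockpit', 'lounge'];
const rules = [
  { allow: true, users: ['crew'], actions: crewActions, resources: crewResources },
  { allow: false, users: ['chewie'], actions: crewActions, resources: crewResources },
  { allow: true, users: ['droids'], actions: ['visit', 'use'], resources: ['cockpit'] },
  { allow: true, users: ['r2d2'], actions: ['configure'], resources: ['engines'] },
  { allow: true, users: ['han'], actions: ['all-actions'], resources: ['all-resources'] },
];

// Own-property lookup so names like "constructor" never resolve to a group.
function membersOf(tier, name) {
  const table = groups[tier];
  return Object.prototype.hasOwnProperty.call(table, name) ? table[name] : [];
}

// Group hops from a selector down to a leaf: 0 for an exact match, Infinity
// when the leaf is not covered. `path` guards against cyclic group definitions.
function distance(tier, selector, leaf, path = new Set()) {
  if (selector === leaf) return 0;
  if (path.has(selector)) return Infinity;
  path.add(selector);
  let best = Infinity;
  for (const member of membersOf(tier, selector)) {
    best = Math.min(best, 1 + distance(tier, member, leaf, path));
  }
  path.delete(selector);
  return best;
}

function closest(tier, selectors, leaf) {
  return Math.min(...selectors.map((s) => distance(tier, s, leaf)));
}

// Returns { allowed, rule }. The rule with the fewest total group hops wins,
// a deny beats an allow at equal specificity, and no match means deny.
function decide(user, action, resource) {
  let best = { score: Infinity, rule: null };
  for (const rule of rules) {
    const score = closest('user', rule.users, user)
      + closest('action', rule.actions, action)
      + closest('resource', rule.resources, resource);
    if (score === Infinity) continue; // rule does not cover this request
    const denyBreaksTie = score === best.score && !rule.allow;
    if (score < best.score || denyBreaksTie) best = { score, rule };
  }
  return { allowed: best.rule !== null && best.rule.allow, rule: best.rule };
}

function isAllowed(user, action, resource) {
  return decide(user, action, resource).allowed;
}
```

Only `decide` would need to run on the request path; the group and rule tables could be loaded from whatever store the admin interface writes to.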

If you can avoid using any kind of ACL, you are usually better off. They are complex to administer. You would be better off modeling three levels of security checks:
URL/IP Address/or other accesspoint security check
Method upon resources check. Whatever entities you want to modify or manipulate you put permission checks on that. I.E. Business rules type of access.
Entity Resource check. If a user/API/OAuth token has access AT ALL to an entity
This can be accomplished using an RBAC. The roles for your organization/site each are assigned a set of access/modification/manipulation permissions. Users are assigned a role(s), but the three levels of checks check the PERMISSIONS, not the role.
I would look at Spring Security and RBAC as a google search, and model on that. Here are a few links that I have found useful:
http://www.xaprb.com/blog/2006/08/16/how-to-build-role-based-access-control-in-sql/
http://www.xaprb.com/blog/2006/08/18/role-based-access-control-in-sql-part-2/
(Because of all the 'primitive' examples and crazily named checks in Spring Security, you will be advised to read articles that offer the use of alternative names and uses for the Spring permission 'hasRole()' checks. The following article discusses this in the design of an RBAC.)
http://springinpractice.com/2010/10/27/quick-tip-spring-security-role-based-authorization-and-permissions/
(A good presentation on flexible uses of Spring Security, including RBAC)
http://www.infoq.com/presentations/Spring-Security-3
(The following gives a GOOD description of the RBAC problem and solutions, and is designed for PHP)
http://www.tonymarston.net/php-mysql/role-based-access-control.html
A PHP framework with a RBAC implementation:
http://trac.symfony-project.org/wiki/UserRbac
And finally, the class diagram for Spring Security. You will notice that it allows putting security information in a PARALLEL table to the entities being protected. This is by design, so that Spring Security can be added later, or taken out, or replaced easily. But it also means more tables.
http://code.google.com/p/uclm-esi-alarcos/source/browse/trunk/documentation/memoria-pfc/Figuras/Cap5/spring-security-class-diagram.png?r=295
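The three levels of checks described in the answer above, as an added JavaScript example (not the answerer's code and not Spring Security's API). The role names, permission strings, units and network ranges are constructed, and modelling the entity-level check as unit membership is an assumption.

```javascript
// Constructed data: roles grant permissions; users hold roles and belong to units.
const rolePermissions = {
  clinician: ['record:read', 'record:update'],
  billing: ['invoice:read', 'invoice:create'],
  auditor: ['record:read', 'invoice:read'],
};
const users = {
  alice: { roles: ['clinician'], units: ['cardiology'] },
  bob: { roles: ['billing', 'auditor'], units: ['cardiology', 'finance'] },
};
// Level 1 data: which source networks may reach which URL prefix (constructed).
const accessPoints = [
  { prefix: '/records', cidrs: ['10.0.0.0/8'] },
  { prefix: '/invoices', cidrs: ['10.0.0.0/8', '192.168.10.0/24'] },
];

const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Strict dotted-quad parser; returns null for anything malformed.
function ipv4ToInt(ip) {
  const parts = String(ip).split('.');
  const valid = parts.length === 4
    && parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255);
  return valid ? parts.reduce((acc, p) => acc * 256 + Number(p), 0) : null;
}

function inCidr(ip, cidr) {
  const [base, bits] = cidr.split('/');
  const a = ipv4ToInt(ip);
  const b = ipv4ToInt(base);
  if (a === null || b === null) return false;
  const size = 2 ** (32 - Number(bits)); // number of addresses in the block
  return Math.floor(a / size) === Math.floor(b / size);
}

// Union of the permissions granted by every role the user holds.
function permissionsOf(userName) {
  const perms = new Set();
  if (!own(users, userName)) return perms;
  for (const role of users[userName].roles) {
    for (const p of own(rolePermissions, role) ? rolePermissions[role] : []) {
      perms.add(p);
    }
  }
  return perms;
}

// req: { user, ip, path, permission, entity: { id, unit } }
// Returns { allowed, failedAt } so a denial can be logged with its level.
function authorize(req) {
  // Level 1: access point (URL prefix plus source network).
  const point = accessPoints.find((ap) => req.path.startsWith(ap.prefix));
  if (!point || !point.cidrs.some((c) => inCidr(req.ip, c))) {
    return { allowed: false, failedAt: 'access-point' };
  }
  // Level 2: method on a resource type. Tests the permission, never the role name.
  if (!permissionsOf(req.user).has(req.permission)) {
    return { allowed: false, failedAt: 'permission' };
  }
  // Level 3: does this user have any access at all to this particular entity?
  if (!users[req.user].units.includes(req.entity.unit)) {
    return { allowed: false, failedAt: 'entity' };
  }
  return { allowed: true, failedAt: null };
}
```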

Related

Software architecture for localization

We are currently bringing an online business software to other EU markets, where not only language but also rules and regulations differ from country to country which made me wonder, what is the best way to implement such in a software?
The UI localization isn't really a problem - done that more times than I could care to count, but for example while invoicing countries tend to require different data (well not totally different, but different enough to make you think about it architecture wise) meaning different inputs, different validations and somewhat different handling of that data.
Which way can be considered better?
The standard way of localizing UI and adding the needed conditional statements for showing extra and hiding non-essential elements with similar conditionals in the Controller classes
Creating a copy of the app for the given country with slightly altered controllers and views (which will make the constant updates a nightmare, but the code much cleaner)
Trying to somehow create a Factory/Builder pattern around this?
While the last one sounds most reasonable to me, it frustrates me even more, as I have no clue on where to start yet. Any good pointers on that?
Language of the choice is PHP with Laravel
Definitely do not make different copies.
Have a look at your current database architecture and see how you can expand it to fulfill your requirements. Then rewrite or update the business-logic code layer of your application.
Then you will only need to make minor adjustments in the front-end.
This post is kind of old, but the title is general and could be found by some others via search, so I wrote my answer in the following:
I think it's totally based on your architecture. In recent years, people have been following different principles to break down the whole application into meaningful microservices with specific tasks and boundaries. This mindset would help you to analyze the whole business process and the places that you may need to do some customization for each customer or country.
For example, for product catalog or inventory management, the processes between each country may not differ. But in payment, order management or invoicing you need to do small modifications, which would be quite a bit easier while you are following a microservice pattern. Furthermore, you can have your own plugin loader structure which lets you modify, override and extend each instance by having a filter/hook feature in your application, as you might have seen in WordPress and other open-source platforms.

Toolbox/framework to construct lightweight public-facing web site [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Closed 10 years ago.
I am aware of full-blown content management systems (CMS) such as SugarCRM and TikiWiki... where content is typically stored in a database... and edited through the same interface as it is published. While I like many of the features, the product is clearly aimed at enterprise-wide use rather than to be public-facing.
What I'd like to establish are potential alternatives that fill the space between full-blown CMS and hand-coded bespoke site. I like the way that I can add modules to my CMS... allowing me to quickly introduce new functionality, and I'd like an analogous feature in a system for public web-content. Modules I know I'd like include moderated comments; web-form-to-email gateway; menus/tabs... in future, perhaps mapping or diaries or RSS integration - etc.
Where my requirements differ from a CMS, I don't need (or want) most content to be editable through the main site... and, somehow, I do want to be able to preview how updates will be presented to the public rather than to make live changes. For these purposes, in contrast to those where a typical CMS would be ideal, presentation is of paramount importance - and trumps any desire to immediately disseminate information.
I realise that this is a very high-level question... (suggestions of additional tags welcome) - I mentioned PHP only as - ideally - I'm looking for an open source solution and a PHP deployment is an easy option.
What are my options?
I don't need (or want) most content to be editable through the main site...
So you don't need (or want) a CMS.
You need to code the thing that you want yourself. You can, however, get help from existing tools. There are lot of API, frameworks, microframeworks... that can help you to do such things.
First, do you accept writing your code with MVC? If not, the only tool I know is CakePHP.
If yes:
I noticed you wanted:
I like the way that I can add modules to my CMS... allowing me to quickly introduce new functionality, and I'd like an analogous feature in a system for public web-content.
So a framework with an easy "plug-n-play like" architecture would be fun. My experience with Symfony makes me say it is good for you.
For Symfony you have lots of bundles already written. Have a look at KNPBundles and FriendsOfSymfony Bundles. FOSUserBundle and KnpBlogBundle are well known.
But I also see that :
A framework might well be what I want... Zend is one possibility - though it is lower-level than I had hoped for.
So I can tell you about Silex, a microframework that is based on Symfony core (so it is a high level with no greedy extension) and its bundles architecture.
I also heard about hoa_project (because I follow its creator on twitter) but never used it so I can't tell you more.
The requirements you list are, in fact, those of a CMS. Correct me if I'm wrong, but you want:
Content-oriented modules (article, comment, moderation, web forms etc.)
WYSIWYG preview prior to publish
The ability to create (or re-use) modules
A high degree of control over the presentation layer.
What you don't want is:
"in-page" editing of content
There are many PHP content management systems which meet these requirements; I'm personally familiar with CMS Made Simple which has pretty much all the above. Drupal is a more fully featured (and complex) option which also offers this. Wordpress is a big favourite with those who need to build nice-looking sites in a hurry.
All these CMS solutions are focused at producing public-facing websites, rather than intranet knowledge sharing applications (they're pretty useless at that). Drupal provides workflow which allows you to manage the content publication workflow. The key thing they provide which is non-trivial to build from scratch is a way of providing "WYSIWYG" previews of content.
The major drawback with these options in my view is that they are great for content driven sites, but if you want to integrate functionality into the application, or tinker with the layout, you have to work through the CMS layer which wants to control the user interface; this can become a little tiresome.
This question is the sort that can spark religious wars. Since you aren't asking a coding or programming question, it can't be answered with fact, only with opinion.
In my experience, Symfony has always done well as a framework, following MVC architecture. As with any framework, developing a site using Symfony requires greater commitment and a lot more programming than would be required with a CMS.
I see you want a preview option. While you could do that yourself with Symfony, you might want to take advantage of that functionality within Drupal instead, using its workflow module. Of course, using Drupal's roles, you can make certain pages (or types of page) unavailable for modification.
There are many many ways to implement your requirements. The more research you do, the less likely you'll be to have to backtrack and re-write things.
UPDATE:
The best resources for learning Symfony are found on Symfony.com. Visit the Documentation section. "The Book" is a general resource on All Things Symfony, and I believe it's the most authoritative and complete resource you'll find.** I find it clear and well-written. "The Cookbook" contains examples and strategies for particular types of applications, and is more useful once you're comfortable using Symfony.
** When you're selecting books from Symfony.com, on the right-hand side of the page, you'll see a Select box saying "2.0 version". While 2.0 is the latest "release" of Symfony, you might want to change this to "master version", which will include references to features to be included in the upcoming 2.1 release. Symfony releases tend to be pretty radically different from previous version, so it will be good to develop for what will be "release" by the time you finish your project.
Each of the books can be downloaded as a PDF. All the books from Sensio Labs (creators of Symfony) are licensed under Creative Commons.
As for add-on software, Sensio has released a number of add-ons (called "bundles" in Symfony-speak). These are documented on the same site, but third-party bundles, of which there are many, have documentation generally provided by their authors. You can find a library of open source bundles at http://knpbundles.com/.
As for Drupal, I must admit that I generally implement things in Drupal more than Symfony these days. With command-line management using drush, it's extremely easy to keep up-to-date, and the Drupal software and module maintainers are friendly and easy to find in IRC (on FreeNode). Drupal has a HUGELY extensive collection of online documentation. It can be a bit daunting, actually, but things tend to be pretty well organized. There are a number of books that have been published on Drupal, and may be listed at http://drupal.org/books ... but I haven't read any, so I can't make specific recommendations.
Without knowing more about your requirements, I can only recommend both Drupal and Symfony. :)
You are almost describing CodeIgniter. See the video demonstrations and decide if this is what you need. CodeIgniter is not a CMS but rather a framework in which you can easily build a CMS that suits your exact needs.
I would like to add Yii (http://www.yiiframework.com/). A great framework with all sorts of lighten-your-programming features. A preview feature is not on-board, but not hard to add (http://www.yiiframework.com/doc/blog/1.0/en/post.create#implementing-preview-feature).

Individual user specific customization

I am building a website with individual user customization in mind. So for instance, client #1 may say I want this feature to be designed for my account and then user #2 may say I want this added to my account. I was thinking of implementing a php if code where upon authentication those features will be loaded each time they login. But I have hundreds of thousands of customizations that I will be doing, to add each php code for each client will be terrible, is there a way I can do it more easily and with less stress?
Added from comments to particular answer:
"Basically I am running the technical side of a business intelligence company. We offer various reports and information along with a dozen analytic tools. So one user might say I want all that you offer plus a custom feature where a particular area of the business is being analyzed and then upload to their account. As you can imagine there can be hundreds of such requests for a lot of accounts."
Your best bet is to either design yourself a framework, or find an existing one that supports this level of customization. Either way, it's not a small job, and launching code for each user leaves you prone to security issues and bugs arising from out-of-date methods as time goes on.
Ask yourself what kind of customizations you're doing, and if they can be abstracted away from the code level by (for example) a templating system.
Designs can fit in certain generic requirements. So until and unless you have some generic requirements, you can not do the design. For example, if requirement is for different look and feel for each client, you might go for dynamic theming. Similarly, for positional changes for different users, you can think of user profiling. For language, also you can keep the user language as part of the profile. Study different approaches for user profile management and then take a step ahead.
As others have said, it's impossible to give a specific answer without knowing a lot more about what you mean by "Customization". The only sensible answer is the one you've already provided - i.e. to implement as much as possible of the variable behaviour in data.
This in itself may not be a trivial exercise - on one application I worked on, I designed a heuristic artificial intelligence engine (in PHP) which was hugely successful - but this was a fairly complex exercise in software engineering, and one I'd be hesitant to recommend to anyone who needs to ask the question.
Assuming that pushing all the application logic into data is not practical, then there are some other approaches you might consider, e.g. splitting the customizations into separate php files (or templates if it's just a display thing):
<?php
session_start();
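/* do authentication checks... */
// Look for a per-profile version of this directory's include file first
$app = $_SESSION['user_profile'] . '/' . dirname($_SERVER['SCRIPT_NAME']) . '/inc.php';
if (! include_once($app)) {
    // No customization for this profile: fall back to the default include
    include_once('default/' . dirname($_SERVER['SCRIPT_NAME']) . '/inc.php');
}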
...
Although it would be possible to store php code in a database and eval it at runtime - I'd not recommend this as it opens the door to code injection attacks. OTOH, it may prove easier to implement the customizations in a different language and call that from PHP e.g. prolog.
C.

Some ideas while planning php system

I am just about to undertake building a relatively large PHP system, I just need some ideas on how to implement a certain feature.
I will allow users to register. Once registered, the user will have a security level which will be assigned to their account.
So if I had security levels 1, 2 and 3, what would be the best way to show certain things to people with certain security levels ?
Thank you in advance.
Before you reinvent the wheel, be sure to look whether Zend_ACL is for you. I haven't used it myself but from what it promises in the docs, it can do what you need and much more.
Pekka's comments about looking at the Zend APIs are good. Many of the Frameworks for PHP are currently (sadly) badly implemented junk (with hideously amateur code underneath), but the Zend APIs are almost uniquely valuable.
If you do roll your own, which there is nothing wrong with doing if you can't find something that fits what you want (and can't be extended easily), then I'd take an OO approach and expose user properties via a class.
e.g.
$user = new User($session->userId);
if (!$user->isAdministrator && !$user->canViewReports) {
    someErrorHandler("You do not have permission to access this content.");
}
I'd avoid having fixed levels, but instead follow a roles based approach.
i.e. I'd avoid having levels like:
Staff
Manager
Administrator
And instead I'd go for properties (just as illustrative examples):
read_access
write_access
can_view_logs
can_view_reports
is_administrator
This allows you to be easily more explicit later, when you (inevitably) discover you want an additional permissions group you won't have to go back and change existing code.
That doesn't mean putting users in groups is a bad idea (it's not and you could implement this using a groups system, e.g. whereby a user could be in both "Reporting" and "Logs"), but assumptions about security levels being hierarchical are typically the wrong approach (e.g. Level 1=Staff, Level 2=Managers, Level 3=Admin) - this is because you almost always end up needing a system that's more flexible than a simple hierarchical system allows.
In practice if you do end up taking this approach, you may want to have a Permissions or Group class, to avoid having an overly large User class (which might end up full of stuff for getting user properties, setting new passwords, etc).
e.g.
$group = new Group($session->userId);
if (!$group->Administrators && !$group->Reporting) {
    someErrorHandler("You do not have permission to access this content.");
}

Providing customizable forms to non-technical users [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Closed 3 years ago.
I'm curious how others have offered customizable forms to their website's users (who are primarily non-technical). It is possible that there is a library out there that achieves this, but I have not seen one.
Some of the concerns are:
Options for each form element
What kind of options to provide to the user, keeping in mind that all of these need to be persisted.
Layout Customization
Is it enough to just have a top to bottom sequential layout? Is it really necessary to offer different layouts? (For instance, a two column layout)
Database storage
Any efficient/relatively quick methods for storing the data entered in the form in a database. The issue here being that you don't know how many columns will be needed. And also, is it okay to store everything as a VARCHAR (losing some of the 'queryability' of dates/integer).
Validation
Should validation be built in (dependent on field type), or customizable?
There are a lot of possibilities, and I'm looking to see what others have used/offered and what they found to be effective. And any potential gotchas or whether it is not really worth it to offer this.
This is one of the holy grails of vertical market application software architecture. Many have tried, most have failed. See what Sharepoint does in this regard. You can't see the architecture, but you can see the user interface.
Beyond a fairly trite level of complexity you will need to add technically literate people into the process. For example, an insurance platform called ZygoWare was released under the premise that it could be customised directly by the business. In practice this tends not to work very well on something like an insurance policy administration system and the product has a reputation for being difficult to implement.
For something like salesforce.com or an online store builder the product is simpler, so it will be easier to achieve direct end-user customisation.
At one point I was involved in specifying an insurance underwriting product. Supporting customisation in such a product has several key aspects:
Database schema - allowing the system to be configured with custom attributes. In commercial insurance a contract record can have 200 fields and may also have several complex structures sitting below it.
User interface. The system will need to record these, so a means to custom fields on a form is necessary. You may also need to set up other screens and database tables.
Business rules. You may want to use a business rules engine to support configurable business logic. This gets quite complex in its own right and the analyst designing the rule sets needs to be deeply familiar with both the business domain and the system architecture.
Workflows. Workflows are de rigueur in volume business and making inroads into large commercial business as well. In subscription markets your workflows involve third parties that may or may not actually have the facilities to participate in the workflow.
Products. A platform may need to support multiple insurance products (e.g. commercial property, life/health, marine cargo, motor, offshore energy). In order to avoid having to deploy a different policy administration system for each department in your company (A typical Lloyds syndicate employs 50-200 people) your platform must support different product lines in some way, possibly involving custom screens, workflows and business rules for the different products.
This lives at the complex end of software customisation. In practice, software like this requires analyst and development skills to successfully implement a business solution. The domain and product are sufficiently complex that they are not feasible to implement without specialist skills.
On that basis, my approach to customising a system has a few key pillars:
Recognise who will actually be customising the system
Build it to suit them. In the case above the right level is a team of analysts and developers working for the vendor, in-house (contractors and permanent staff) or a third party consultancy. The appropriate level of abstraction is a scripting language that allows extension (on a per-product basis), a form building tool (such as QT designer or Visual Studio), a database schema management tool and possibly a rule engine such as Ilog. In the case of an on-line store builder a power user could reasonably figure out how to do it themselves.
Address what needs to be customised
In the case of an insurance platform you will have customisation at a level that you are rolling out a substantially bespoke system. The system architecture for this should allow extensions to be plugged in without having to regression test the whole system. In the case of an online store you are substantially customising the layout of the displays and configuring account information with payment providers.
Don't delude yourself about the complexity of the problem.
Don't try to dumb down a system beyond its natural level. History is littered with people who thought they could make a platform that end users could use to build and maintain a complex business application. The only commercially successful example of such a product is a spreadsheet. If you want to see how well this works in practice, try spending some time working in the back office of a large finance company.
Most regulatory authorities such as the FSA take a dim view of 'end-user computing' and the regulatory environments of such industries drive many FTEs worth of time-consuming CYA and manual controls over such processes. It is quite common to find the same computation done redundantly in multiple areas within the back office of such an organisation and the results reconciled against each other to provide a manual control so somebody can feel safe signing off the figures.
I would not try to build a system like that from scratch. Creating a generic form building application that would be able to edit data of any shape, as well as edit the layout, is indeed a holy grail.
Entire companies have been built around this; take a look at, for example: www.wufoo.com, or Microsoft Office InfoPath.
Simpler efforts include Google Spreadsheet (with its form editing / data entry piece), but it's a bit too simplistic for most scenarios.
Have you considered using MS Dynamics CRM? Similar in a lot of ways to Salesforce. It's very easily customisable from a user's perspective, so much so that we have to lock some users out from customising the UI.
From a dev's perspective it has the following building blocks:
DB layer persistence (to SQL Server).
UI customisability
Form-level and field-level security profiles
Reporting (via SQL Server Reporting Services).
Customisable business processes, workflows and dialogs.
Extensible custom code injection points (through registering custom plugins)
We use it a lot to build solutions in the public-sector, health industry we're in. It's really quite good.
The bad about it, it requires a good network/infrastructure team...
