Using ACLs in JSON

Carlos Nepomuceno carlosnepomuceno at outlook.com
Fri May 24 12:13:15 EDT 2013


Not exactly what you want but you may consider Google ACL XML[1].

If there aren't any system integration restrictions you can do what you think is best... for now.


[1] https://developers.google.com/storage/docs/accesscontrol#applyacls


----------------------------------------
> Date: Fri, 24 May 2013 01:18:06 -0700
> Subject: Using ACLs in JSON
> From: peter.h.m.brooks at gmail.com
> To: python-list at python.org
>
> I'm designing a system that should allow different views to different
> audiences. I understand that I can use application logic to control
> the access security, but it seems to me that it'd make more sense to
> have this documented in the data-stream so that it's data-driven.
>
> I was wondering if there was any standard way of doing this in JSON.
> Alternatively, is there a better way of organising this in Python
> that's compatible with JSON?
>
> I've put an example of the sort of thing that I mean below. The idea
> is that this object is accessible for viewing or deleting by the role
> 'HR' and available for change only to the owner of the record itself.
> In addition, the record can be viewed by those with the role
> 'manager'. The syntax may be wrong, but I hope that my intention is
> reasonably clear.
>
> Is there an existing practice or standard for doing this sort of
> thing?
>
> {
>   "title" : "Example Schema",
>   "type" : "object",
>   "version" : "1.0",
>   "properties": {
>     "firstname" : {
>       "type": "string"
>     },
>     "lastname" : {
>       "type": "string"
>     },
>     "age" : {
>       "description" : "Age in years",
>       "type": "integer",
>       "minimum": 0
>     }
>   },
>   "ACL-view": ["HR","Manager",["firstname","lastname"]],
>   "ACL-change": ["firstname","Lastname"],
>   "ACL-delete": ["HR"],
>   "required": ["firstname","lastname"]
> }
> --
> http://mail.python.org/mailman/listinfo/python-list 		 	   		  
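
Added example, not part of the original thread: one way to enforce a data-driven ACL like the one asked about, deny-by-default and with field-level filtering. The `data`/`acl` layout, the `"*"` wildcard, the `owner` role name and the function names are assumptions made for illustration, not a JSON standard; the caller's roles are assumed to come from the server's authenticated session, never from the JSON itself.

```python
import json

# Constructed sample record. The ACL layout (action -> role -> fields) is an
# assumed normalisation of the poster's ACL-view / ACL-change / ACL-delete keys.
DOCUMENT = json.loads("""
{
  "data": {"firstname": "Ada", "lastname": "Smith", "age": 41},
  "acl": {
    "view":   {"HR": ["*"], "Manager": ["firstname", "lastname"]},
    "change": {"owner": ["firstname", "lastname"]},
    "delete": {"HR": ["*"]}
  }
}
""")

def allowed_fields(doc, action, roles):
    """Fields the given roles may touch for `action`.
    Unknown actions, unknown roles and unknown fields grant nothing."""
    rules = doc.get("acl", {}).get(action, {})
    fields = set()
    for role in roles:
        granted = rules.get(role, [])
        if "*" in granted:
            return set(doc["data"])
        fields.update(f for f in granted if f in doc["data"])
    return fields

def view(doc, roles):
    # Filter on the server so hidden fields never reach the client.
    ok = allowed_fields(doc, "view", roles)
    return {k: v for k, v in doc["data"].items() if k in ok}

def change(doc, roles, updates):
    # Reject the whole update if any field is outside the caller's grant.
    ok = allowed_fields(doc, "change", roles)
    denied = sorted(set(updates) - ok)
    if denied:
        raise PermissionError(f"change denied for fields: {denied}")
    return {**doc["data"], **updates}

def can_delete(doc, roles):
    return bool(allowed_fields(doc, "delete", roles))
```

The ACL block only documents the policy; it protects nothing unless the server applies it before serialising or accepting data, and the block itself must not be writable by the users it restricts.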

