Previous | Next
WireHose Developers Guide

Access control

The WireHoseEngageSupport framework is an optional collection of classes which work together to provide roles-based access control for taggable objects.

WHEngageTag is a WHTag subclass which implements WHTaggable and WHIndexable to implement access control.

WHEngageUser is a subclass of WHUser. Users can belong to multiple groups, and also have their own group so you can grant permissions directly to an individual user.

WHGroup is a tag whcih represents groups of users which have permission to perform operations on taggable objects. Groups can be arranged in any hierarchy required; membership in a group implies membership in all of its ancestor groups. Everyone is a member of the "Public" group.

WHPermission is a tag which is assigned to taggable objects to indicate that members of a specific group can perform a specific operation on the tagged objects. Permissions are inheritable by default; if an inheritable permission is assigned to a tag, then all resources tagged with that tag, or any of its descendent tags, will share the same permission as if it had been assigned to each resource directly.

WHOperation objects represent a particular operation which can be exercised on a taggable object, such as viewing, editing or deleting. Operations are hierarchical; the "Manipulate" operation implies its descendents, "View", "Edit," "Delete" and "Assign". The "Assign" operation models assigning tags to taggable objects.

Previous | Next