Hi All,
I am puzzling with the admin settings/permission layout.
My main question is where exactly to put/How to organize admin settings. Listing them in the O.NA/prefix handle or putting them in extra handles like prefix/ADMIN_XXX ?
How do the admin permission flag effects exactly depend on the context/scope ? For example, is there a difference between setting ADD_HANDLE in 0.NA/prefix for some HS_ADMIN value there and the same in a prefix/ADMIN_XXX ?
I also couldn't keep my hands from playing around with our test na handle ;-) 0.NA/10081 . It suprised me, probably due to some misunderstanding I have, that I could do the following:
From standard starting situation (0.NA/10081) :100 HS_ADMIN referencing 0.NA/0.NA with big boss permissions 101 HS_ADMIN with handle=0.NA/10081; index=300; [create hdl,delete hdl,add val,read val,modify val,add admin,list]
Using 101's permissions I was able to add a HS_PUBKEY (add val),
adding a 102 HS_ADMIN (add admin) with [create hdl,delete hdl,add
val,read val,modify val,del admin,add admin,list] extended permissions.
Using 102 I could extend permissions for 101 :
[create hdl,delete hdl,create NA,add val,read val,modify val,del
admin,add admin,list]
Using 102 I could delete the big boss at 100.
And then I created using 101 a sub-na:
0.NA/10081.1 , just with email and HS_ADMIN to test permission effects.
Thanks, Sean
All that is probably ok, but gives me the impression that I need further
explanations before going to set up different admins otherwise I could
create inconsistent permission settings.
Would really appreciate if somebody here could provide further explanations. Thanks!
Konstantin
_______________________________________________ Handle-Info mailing list Handle-Info@cnri.reston.va.us http://www.handle.net/mailman/listinfo/handle-info