On 12:32 am, michal.dtz@gmail.com wrote:
2009/4/19 Jeff Rush
:
I think I like the current approach... Once you learn how to use it and how to set it up properly (this is a key phrase here), it will take a few things off your head. Even if setting it up is cumbersome, the idea of web resource wrapping an avatar object is pretty cool, as you don't have to put access control logic into web resource objects -- you just enable these and these resources for that level of privleges, which in fact gives you fine-grained security model.
I agree with you that the way guard/cred work is kind of neat, but it's kind of neat as a cooperative low-level primitive for building more full-featured systems on top of. I can see the OP's point here: for a lot of use-cases, it's incomplete and you need to do a lot of extra work. Work which isn't particularly well documented. It would be really nice if we had more examples of *how* to build things on top of it. If anyone reading this thread has some code to link to, I encourage you to share it. Mantissa's sharing system is a good example, but it does a lot more than just wrap resources in a few simple permissions. Also, as you say:
unfortunatley, it is not a very well documented piece of software.
I look forward to your doc patches ;-).