phpGACL汉语言手册(七)
phpGACL中文手册(七)
解决冲突
如果我们把Chewie加入到工程师组中会出现什么情况呢? 缺省:全部拒绝
千年隼号乘客
├─船员 [允许:全部]
│├─Han
│├─Chewie [拒绝:发动机室]
│└─Lando
├─乘客 [允许:休息室 ]
│├─绝地战士 [允许:驾驶室]
││├─Obi-wan
││└─Luke [允许:武器室]
│├─R2D2 [允许:发动机室]
│└─C3PO
└─工程师 [允许:发动机室,武器室]
├─Han
├─R2D2
├─Hontook
└─Chewie
这就使Chewie到发动机室的权限产生了歧义,因为从根沿树遍历到Chewie出现两条路径。如果飞船的计算机沿其中一条路径(船员路径),将得到"拒绝进入发动机室"的结论。而沿另一条路径(工程师路径)则会得到"允许进入发动机室"的结论,那么他到底有没权进入发动机室呢?
当你添加或编辑分属多组的ARO对象使之对某个ACO对象的权限发生歧义时,phpGACL系统将警告你。但它会最近优先以便解决冲突。
如果我们现在问phpGACL"Chewie有权进入发动机室吗?"那么返回的结果是最近ACL被修改的内容(这是phpGACL的策略)。在上面这个例子中,返回的结果是"允许",因为被工程师组指定的"允许:发动机室,武器室"权限的时间要比被船员组指定的"拒绝:发动机室"权限时间要近。
当有歧义的权限设定在ACL列表中存在时,该ACL列表被称为不一致。不一致的ACL列表是非常危险的,如果你允许你的ACL列表保持在这种状况下的话,你可能会在不经意之下把权限赋给不恰当的人。当phpGACL警告你ACL列表不一致时,最好还是去解决冲突以尽可能恢复其一致性。
为解决上例的冲突,我们可以作以下任何一步:
- 删除在船员组中Chewie的"拒绝:发动机室"指令
- 添加在工程师组中Chewie的"拒绝:发动机室"指令
- 在工程师组中删除Chewie,因为Han无论如何不认为他作工程师是一件值得考虑的事
Han选了第三种方案,将Chewie从工程师组中删除
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
HTTP verb and path based ACL configuration in Nginx reverse proxy
Jun 10, 2023 am 09:22 AM
Nginx is a high-performance web server and reverse proxy server. Its powerful configuration capabilities enable Nginx to be used in a variety of different scenarios. Among them, ACL configuration based on HTTP verbs and paths is a commonly used method in Nginx reverse proxy. This article will introduce its principle and implementation method. 1. The concept of ACL ACL (AccessControlList) is an access control list, which is a rule-based access control technology. By defining some rules, different access
How to use ACL (Access Control List) for permission control in Zend Framework
Jul 29, 2023 am 09:24 AM
How to use ACL (AccessControlList) for permission control in Zend Framework Introduction: In a web application, permission control is a crucial function. It ensures that users can only access the pages and features they are authorized to access and prevents unauthorized access. The Zend framework provides a convenient way to implement permission control, using the ACL (AccessControlList) component. This article will introduce how to use ACL in Zend Framework
How to use ACL roles in CakePHP?
Jun 04, 2023 pm 06:21 PM
CakePHP is a popular PHP development framework that provides a comprehensive permission control mechanism, namely AccessControlList (ACL). Using ACLs can help you control the access rights of each user in your application. In this article, we will cover how to use ACL roles in CakePHP. Configuring the ACL component First, we need to configure the ACL component in CakePHP. Add the following code in app_controller.php:
Applying Linux ACLs: Personalized File Permission Management
Feb 25, 2024 pm 01:42 PM
"LinuxACL Application Example: Customized File Access Permissions" In Linux systems, ACL (AccessControlList) is a more flexible and refined file access control method that allows administrators to set different permissions for each file. Through ACL, we can achieve more detailed management of files and achieve customized file access permissions. This article will introduce how to use ACL in Linux systems, and give some specific application examples and code examples. 1.What
A closer look at Linux ACLs: Mastering the use of access control lists
Feb 24, 2024 pm 08:57 PM
Detailed explanation of Linux ACL: To master the function of access control list, you need specific code examples. In Linux systems, ACL (AccessControlList) is an important mechanism for managing file and directory access permissions. The traditional Linux permission system only has simple rwx permissions and cannot control the access permissions of different users to files and directories in detail. ACL provides a more flexible and refined permission control method, allowing administrators to set different permissions for different users and groups.
ACL configuration based on request method and request header in Nginx reverse proxy
Jun 11, 2023 pm 08:20 PM
Nginx is a lightweight and efficient web server that is increasingly used in building modern web applications. Its reverse proxy function allows Nginx to be used for load balancing, caching, open source API gateway and other purposes. This article will focus on ACL (access control list) configuration based on request method and request header. ACL is a mechanism used to control access and is widely used in Nginx. Through ACL, Nginx can filter and verify requests and then distribute them to the target server.
Netizens condemned ACL chairman for publicly criticizing arXiv and suggested considering other top conferences
Dec 19, 2023 am 08:23 AM
Emily M. Bender, professor at the University of Washington and vice chairman of the ACL2023 conference, caused a huge controversy a few days ago. The arXiv has ruined the research atmosphere. So what are we reading every day? Harvard University professor Boaz Barak said that arXiv has done much more to promote scientific progress and expand scientific participation than all anonymous interventions. Any policy that hinders arXiv is not only stupid, but will also be detrimental to scientific progress and inclusion. Deep learning giant Yann LeCun gave support to his views. The discussion about Emily Bender's views is actually not completely unreasonable. After all, arXiv is a platform with almost no review: if you want to learn
Guide: Protect your files and directories with Linux ACLs
Feb 26, 2024 am 08:03 AM
In the Linux operating system, ACL (AccessControlList) is a very powerful tool that can be used to more finely control access permissions to files and directories. Through ACL, users can set specific permissions for specific users or user groups, not just limited to the traditional read, write, and execute permissions for users and groups. This article will introduce you how to use ACL to protect your files and directories, and provide specific code examples for reference. What is an ACL? In traditional Linux permission management
