Refactoring Proposal: Registration should not be in the TWiki Web.
Motivation
Man reasons but principally:- All the other user & identification topics are in the Main web
- The TWiki web is about configuration & documentation
- It would be nice to make the TWiki web 'read only' (see RegistrationDoesNotCompleteIfTWikiWebProtected)
Description
The refactoring is strainght forward. The Registration form & supporting code references are moved from the TWiki web to the Main web. -- AntonAylward - 13 Nov 2005Impact and Available Solutions
Documentation
Some small chage to the documetnation is required.Examples
No APIs are affected by this change.Implementation
Trivial. No actual change to code is required.Discussion
This is really a rationaliztion. The TWiki web is about documentation and configuration. All the user topics, groups, supporting tables are in the Main web. That is where registration ends up. It is also where registration should start. -- I'd like to add to the mix the idea that users can be defined in more than one web - basically, i'd like to have a Users web for the admins, a Shop/Users web for users of the Shop, and Bugs/Users for users able to report bugs, and natrully, to be able to combine the users from multiple webs to give them all access to the Sandbox web
makes me wonder if active topics like this shouldn't be in something akin to the templates web, as they are very similar to the Attach screen, the 'more actions' page etc...
-- SvenDowideit - 13 Nov 2005
What you are describing, Sven, is perilously close to RBAC - role based access control.
I much prefer RBAC for a number of reasons. Principally its a lot easier to administer than access control lists. With a large user base ACLs can get very long and difficult to administer (as well as verify, debug and audit). RBACs are much simpler: "This is what this role can do" A user can have more than one (zero?) role if necessary. RBACs are much easier to administer and are O(#of Roles) rather than O(# of users) from a performance POV.
While ACLs are straight forward to program - that's why historically they are so common - RBACs are more business orientated and in fact no harder to program. It is not a new technique, it was documented first back in the mid 1970s. I've used it myself in a number of database applciations. See http://csrc.nist.gov/rbac/
for details as well as an implementation example.
However this is quite separate from the issue of this topic, that .... Registration should not be in the TWiki Web.
-- AntonAylward - 13 Nov 2005
I concur: Registration should not be in the TWiki web.
I am about to disable registration on a site I am administering - and because the text I need to change is in the TWiki web I'm changing stuff that should be immutable.
-- MartinCleaver - 14 Nov 2005
Topic revision: r4 - 2005-11-14 - MartinCleaver
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Lima Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.