+7 (495) 987 43 74 ext. 3304
Join us -              
Рус   |   Eng

Authors

Kvashnin V.

Degree
Moscow Aviation Institute (National Research University)
Location
Moscow
Articles

Permission system and its management organization in BlockSet project

The article discusses the features of the permissions system in the BlockSet project. Its principles is shown both from the position of administration and from the position of its internal organization. The authors have shown the possibility of implementing access control of various levels of complexity with simple and accessible tools of the BlockSet project. In the classical development of a dynamic web-application, the obvious solution is often to write the business-logic of permissions as part of the server side itself, that is, such code will be written in advance taking into account the specificity of the resource being developed, will have opportunities, the need for which was described in advance and, perhaps, can afford the disadvantages, the presence of which will not be so critical due to the fact that it was determined in advance again which aspects of the final system would not be so important. The complexity of developing such system for big projects like BlockSet lies precisely in the fact that the requirements are not known in advance. And considering the paradigm of flexibility of this project, it is necessary to take into account all, or almost all possible requirements for creating such systems and create tools for their implementation. To solve the problem of flexibility, the stored permissions are located directly in the database itself so that each piece of information can be associated with a separate set of permission properties. For storage of such a complex structure PostgreSQL is used. It uses composite data types that allow avoiding high productivity costs when storing structures in the JSON form when creating additional entities. Thus, all attributes except primary keys are composite and consist of a block of information value of the required data type and two blocks of rights: dynamic dynamic_p, described below and static static_p, the data type that stores an array of strings. Due to the possibility to set a separate set of permissions for each piece of information, the necessary flexibility is achieved. However, if we’ll take an analogy with users and groups, permissions set for each cell is a very time-consuming and inefficient practice in most situations. To refer to a group of blocks, there are simultaneously block-interfaces and dynamic permissions. The usage example is very simple. With the task to create a forum, it may often be necessary to manage all the posts of the same topic simultaneously. The permission system in the BlockSet project allows describing in detail the distinctions between operations and rights over various pieces of information between users and groups, which corresponds to the project’s paradigms on flexibility and low entry threshold, and also significantly optimizes the development process.
Read more...

Permissions access meta-management implementation using BML in the BlockSet project

Development of a web-resource today is a very frequent and not always simple task. Especially if we are not talking about a static one-page website, but about a dynamic web application with an unlimited number of pages, as well as the ability to withstand heavy loads, typical of such projects. To solve these problems, there are very few ready-made solutions. Of the best ones, perhaps, only WebDSL can be distinguished, but even it has a number of drawbacks inherited from the Java project implementation language, such as, for example, low flexibility, high performance costs and the need to install a java-machine. The development process was carried out using a relatively low-level C++ general purpose programming language, which saved the project from the problems that its competitors faced, ensured high interpreter performance and cross-platform system-wide. The authors described in detail the selected means of the meta-management of the access rights of the BlockSet project, as well as the syntax of their use in the declarative highly abstract subject-oriented language BML, using simple and accessible examples to demonstrate the conciseness, but the constructiveness of the selected syntax solutions. The results obtained are of great value, as they significantly simplify the further process of administering a web resource, which is also one of the main tasks of the BlockSet project. Thus, the BML language, together with the system of access rights, provides flexible, powerful, and at the same time fairly simple and understandable methods for organizing the required system, which corresponds to the project’s paradigms on flexibility and a low threshold of entry, and also significantly optimizes the development process. Read more...