[geeklog-devel] [contact-us] Updated proposal for GSOC

Dirk Haun dirk at haun-online.de
Tue Mar 30 14:21:17 EDT 2010


Abhishek Shrivastava wrote:

>I understand you like students to make decisions
>before proposals. even i would love to! But I don't know what channel should
>I use... public irc or private emails.. ?

For technical discussions, a public place would be better (geeklog-devel
or IRC), so that others can chime in. So I'm redirecting this back to
geeklog-devel.


[regarding the Configuration GUI project]
>1) For the AJAX search box, should the response from the server come as XML
>or a JSON object...

I have no clear opinion on this. JSON seems to more commonly used. PHP
has native functions for JSON as of PHP 5.2 and for earlier versions,
there's a PEAR package. So that shouldn't be a problem.


>But then JSON are parsed using eval() function, which can create
>trouble if the response contains malicious codes (well actually, it
>shouldn't happen because the server is within user's control).

Good point. I would assume there are best practices so that JSON
requests aren't easily spoofed. That's something that should be
mentioned in the proposal.


>2) For the access-control features, should we fine-grain the permissions to
>per-option basis or per-configuration-group basis will do ?

In practise, permissions per fieldset are probably fine-grained enough.
I can imagine that some of the fieldsets need to broken up and
rearranged, though.

From a technical point of view, since the fieldsets and the actual
options are all in the same table, you would end up with unused
permission fields on every option, so you may as well go all the way. Is
this something that could be implemented in two steps? Per fieldset in
any case, per option if time permits?


>3) Then there's another thing to be looked into.. whether we should create a
>new table for storing permissions of user-groups over config-groups or can
>we just add the config-groups as "features" to the already existing
>features,featurecodes and access tables...

Is there any real benefit in having a second table?

bye, Dirk


-- 
http://www.haun-online.de/
http://geeklog.info/




More information about the geeklog-devel mailing list