Permission system - Users, Groups, Roles

From ActionApps Documentation
Jump to: navigation, search

Protecting slice data against an unathorized read access

Origin: FAQ: id=1667 Protecting sensitive data against reading rel:1702

It has to be said that ActionApps is primarily focused on making the content easy to publishing, share, exchange and distribute. As such, there has been a very low presure on introducing functionalities for protecting the data against unathorized access.

Probably the only exception to this is the special type odf slice called Reader Management slice, which stores user's password and other personal data (which can be the case with any slice). In this case it is important that some data are not accessible for reading. This is achieved by setting a reading password for slices containing sensitive data. If you fill the field "Reading Password" in Slice Settings, you must always sent this password as a parameter slice_pwd. This may be done by adding this parameter to SSI includes like 

<!--#include virtual="/aa/slice.php3?slice_pwd=the_password&slice_id=xy...."-->

or for view: 

<!--#include virtual="/aa/view.php3?vid=439&slice_pwd=the_password"-->

If somebody tries to fetch read-protected data without the correct password, all fields are filled with an error message.


Note on the implementation: the password is checked in the GetItemContent() function. For AA control panel pages (Item Manager and Item Edit), the function FetchSliceReadingPassword() is used.
Retrieved from "http://documentation.actionapps.org/documentation/index.php?title=Permission_system_-_Users,_Groups,_Roles&oldid=3227"