The Users Model

Actors and Users

The central object of the Users model is U_Actor, which represents entities with authorisation to act upon the system. This could be, for example, human users (modelled by U_User) or automated agents (such as U_DataFeed). Other types of actor could easily be added if necessary.

Roles and Permissions

Each actor is assigned a number of roles, where each role can be assigned a number of permissions. A user's rights are considered to be the sum union of all the permissions set across all the user's roles. Each permission carries a name which acts as a "magic string"; code in various applications will look for permissions with certain names before allowing users to proceed.

Object Locking

The Users model also contains a mechanism to allow actors to register locks against objects, in the form of the U_Lock entity. Locked objects can be of any entity, as long as the entity has a simple integer primary key. This is purely voluntary locking; a lock on an object will only be honoured by code which does the required checking.