Comments on: All My Hosted Stuff with Dynamic Sharing

By: Julia

Julia — Wed, 11 Mar 2009 20:30:06 +0000

Do you have any resources you recommend for learning about OAuth? I just got back from Drupalcon in DC where they were talking about integrating OAuth into Drupal 7. I’m still quite confused about what it means for me today and what I can do to speed its implementation.

By the way, I found your post via the Barcamp RDU list of people. I’m a SILS grad.

By: Terrell Russell

Terrell Russell — Wed, 17 Dec 2008 16:15:55 +0000

No, I wasn’t really laying out a case for a new spec or protocol.

I agree with you, it’s entirely contained within the infrastructure doing the ‘controlling’.

I was more interested in a common approach (or language, as you say) to allowing access to ’stuff’. A set of rules instead of particular binary decisions like normal ACLs. I think the ACL should be dynamically determined via a set of rules when a request is filtered through them.

I haven’t found a rules engine in PHP…

It basically needs to match a ‘left hand side’ to a condition, and then execute the ‘right hand side’. A binary ’sharing’ decision would be made after running a request through all the stated rules.

By: Will Norris

Will Norris — Sun, 14 Dec 2008 23:53:34 +0000

Do we actually need a common spec for the rules engine? We absolutely need open standards when two different parties are needing to interact, but I’m not sure that’s the case with a rules engine. The person or device will be communicating with terrellrussell.com using some protocol (maybe ATOM for subscribing to data feeds, or the Flickr API for publishing photos). That person or device will be authenticating to terrellrussell.com using either OpenID or OAuth. But the rules engine exists entirely within terrellrussell.com. The external person or device need not (and probably should not) know anything about the process used to derive at their granted privileges. Internally, terrellrussell.com could use any kind of rules engine… perhaps an existing enterprise vendor product, or something a little less heavyweight written as a WordPress plugin.

All that being said, there is certainly value in having a common language for expressing the rules, just as there is in the enterprise environment. It allows you to use completely separate tools for managing and applying the rules if you wish, and also allows you to switch out the rules engine you are using, and migrate your rules over. It’s just yet another kind of personal data that needs to be made portable.

I think perhaps a good approach to start with would be to find a decent rules language that will work for this use case (even if we were to just take a subset of an existing language), and try to build a lightweight WordPress plugin that uses that.

By: Terrell Russell

Terrell Russell — Sun, 14 Dec 2008 17:45:16 +0000

well, in fairness, the all caps is the CSS :)

By: Fred

Fred — Sun, 14 Dec 2008 17:15:06 +0000

Whoa. Bold, all caps and a retro Gary-style diagram!