Access controls
Access control prevents unauthorized users from reading or changing components. So far, all of the explanations of the team development environment have assumed that access controls have been set to the most open settings.
The system provides two types of access controls:
Image and library controls
Application controls
Image and library controls protect the integrity of major system components. For example, they bind the ownership of an image to a specific user with password protection.
Application controls enable application managers to implement policies that control access to specific applications. These policies can do the following:
Prevent unauthorized users from loading an application into an image
Hide code from some users
Show some users of a class only its specification (both the class comment and method comments)
Allow some users, and not others, to create editions of classes
Allow application group members to transfer ownership of classes
Allow application managers to configure the above items
Image and library controls
To ensure that an image binds to one user, the system checks an image user's network name against the user's network logon ID whenever a user launches the team development environment. Depending on how a library is set up, the system might prompt the user for a password if the user's network name differs from the user's network logon ID.
Application controls
Application controls can grant different access privileges for an application to the following:
Owners of classes contained in the application (Owners)
Users who are developers in the application group (Group)
Users of the system (World)
Application managers specify the access privileges for an application. The following table shows each type of application control, along with their possible values:
Action
Possible values
Indicated permissions
Execute
World, Group
Can load and run an application
Read Public Specification
World, Group
Can read public method comments
Read Public Source
World, Group
Can read public method source code
Read Private Specification
World, Group, Owner
Can read private method comments
Read Private Source
World, Group, Owner
Can read private method source code
Create Editions
World, Group, Owner
Can create class editions
Change Class Owner
Manager/Owner, Group
Can change the ownership of a class
The default value for each access control is World.
Using these access controls, you can define class ownership policies for applications that you manage. For example, if the Create Editions privilege for an application is set to Owner, then only the owner of a class can change the class. If the privilege is set to Group, then only group members of that application can change classes contained by the application.
Setting access control privileges for applications
To specify access control privileges for an application that you manage:
1. Open an Application Manager by selecting Manage Applications from the Tools menu.
2. From the list of applications (left pane), select an application that you manage.
3. From the Applications menu, select Privileges; then select an access control and then a privilege value.
4. Repeat step 3 for each access control that you want to have a privilege value other than the default World.
If you set privilege values other than World, bear in mind that not allowing all members of your team to access your code can inhibit software development. One of the advantages of the Smalltalk development environment is that team members can build on, and learn from, each other's work. Thus, you should probably use the default World and restrict access only when necessary.
Last modified date: 05/19/2020