Access controls
Access control prevents unauthorized users from reading or changing components. So far, all of the explanations of the team development environment have assumed that access controls have been set to the most open settings.
The system provides two types of access controls:
• Image and library controls
• Application controls
Image and library controls protect the integrity of major system components. For example, they bind the ownership of an image to a specific user with password protection.
Application controls enable application managers to implement policies that control access to specific applications. These policies can do the following:
• Prevent unauthorized users from loading an application into an image
• Hide code from some users
• Show some users of a class only its specification (both the class comment and method comments)
• Allow some users, and not others, to create editions of classes
• Allow application group members to transfer ownership of classes
• Allow application managers to configure the above items
Image and library controls
To ensure that an image binds to one user, the system checks an image user's network name against the user's network logon ID whenever a user launches the team development environment. Depending on how a library is set up, the system might prompt the user for a password if the user's network name differs from the user's network logon ID.
Application controls
Application controls can grant different access privileges for an application to the following:
• Owners of classes contained in the application (Owners)
• Users who are developers in the application group (Group)
• Users of the system (World)
Application managers specify the access privileges for an application. The following table shows each type of application control, along with their possible values:
| | |
Execute | World, Group | Can load and run an application |
Read Public Specification | World, Group | Can read public method comments |
Read Public Source | World, Group | Can read public method source code |
Read Private Specification | World, Group, Owner | Can read private method comments |
Read Private Source | World, Group, Owner | Can read private method source code |
Create Editions | World, Group, Owner | Can create class editions |
Change Class Owner | Manager/Owner, Group | Can change the ownership of a class |
The default value for each access control is World.
Using these access controls, you can define class ownership policies for applications that you manage. For example, if the Create Editions privilege for an application is set to Owner, then only the owner of a class can change the class. If the privilege is set to Group, then only group members of that application can change classes contained by the application.
Setting access control privileges for applications
To specify access control privileges for an application that you manage:
1. Open an Application Manager by selecting Manage Applications from the Tools menu.
2. From the list of applications (left pane), select an application that you manage.
3. From the Applications menu, select Privileges; then select an access control and then a privilege value.
4. Repeat step 3 for each access control that you want to have a privilege value other than the default World.
If you set privilege values other than World, bear in mind that not allowing all members of your team to access your code can inhibit software development. One of the advantages of the Smalltalk development environment is that team members can build on, and learn from, each other's work. Thus, you should probably use the default World and restrict access only when necessary.
Last modified date: 05/19/2020