Access control prevents unauthorized users from reading or changing components. So far, all of the explanations of the team development environment have assumed that access controls have been set to the most open settings.
The system provides two types of access controls:
Image and library controls protect the integrity of major system components. For example, they bind the ownership of an image to a specific user with password protection.
Application controls enable application managers to implement policies that control access to specific applications. These policies can do the following:
To ensure that an image binds to one user, the system checks an image user's network name against the user's network logon ID whenever a user launches the team development environment. Depending on how a library is set up, the system might prompt the user for a password if the user's network name differs from the user's network logon ID.
Application controls can grant different access privileges for an application to the following:
Application managers specify the access privileges for an
application. The following table shows each type of application
control, along with their possible values:
Action | Possible values | Indicated permissions |
---|---|---|
Execute | World, Group | Can load and run an application |
Read Public Specification | World, Group | Can read public method comments |
Read Public Source | World, Group | Can read public method source code |
Read Private Specification | World, Group, Owner | Can read private method comments |
Read Private Source | World, Group, Owner | Can read private method source code |
Create Editions | World, Group, Owner | Can create class editions |
Change Class Owner | Manager/Owner, Group | Can change the ownership of a class |
The default value for each access control is World.
Using these access controls, you can define class ownership policies for applications that you manage. For example, if the Create Editions privilege for an application is set to Owner, then only the owner of a class can change the class. If the privilege is set to Group, then only group members of that application can change classes contained by the application.
To specify access control privileges for an application that you manage:
If you set privilege values other than World, bear in mind that not allowing all members of your team to access your code can inhibit software development. One of the advantages of the Smalltalk development environment is that team members can build on, and learn from, each other's work. Thus, you should probably use the default World and restrict access only when necessary.