The first hour (of four) of the RCP Experience Workshop at Eclipse Summit Europe is over. The main topic of discussion thus far has been authentication and authorization. Essentially, the concern is that of hiding (or at least disabling) features based on permissions (authorization) of the user. Several ideas have been bounced about.
This is a pretty fundamental concept that is an important part of many RCP applications. Buttons, menus, views, editors, and more need to be controlled. A role-based scheme was suggested; ideally, different bits of functionality can be declaratively ‘marked’ as being appropriate for certain roles. The platform project is probably most ideally suited to solve this, but there are other possible approaches. One suggested approach was to use aspects to tune the behaviour of existing classes. It was also suggested that activities might suit the bill. Another possibility is to use the Equinox transformation functionality to dynamically change plugin.xml files as they are loaded to exclude functionality that we don’t want to expose to the current user.
I found the last suggestion very interesting. It was suggested that we consider extending the expression framework to permit expressions based on user role. This has the benefit of already being used by the command framework and so will be immediately available for toolbar buttons and menus. Unfortunately, the expression framework isn’t used by views, editors, wizards, and lots of other useful bits. Even with this apparent restriction, this option seems pretty viable.
The workshop continues. Further updates as events warrant…
