Notes:A realm is a run-time-only instance, not directly represented in the
database. The RealmOwner model identifies the owner, which identifies
all the data associated with a realm. Tasks only exist
in code, and realms identify the context in which a task executes,
which includes what tasks may be executed within the realm itself.
The method
can_user_execute_task answers that question.
Realms inherit most of their API from their superclass
Bivio::Auth::Realm. The
General realm is
a singleton, and it is the only realm without an owner attribute.
The other two realm types
(
Club and
User)
are instantiated with a RealmOwner instance assigned to their
owner attributes.
The realm in which the task executes is identified by the
auth realm attribute of
Bivio::Agent::Request.
The RealmOwner.realm_id of the auth realm is stored in the
auth id attribute of the request, too. This is a convenient
shorthand, and is the value added to the queries by
Bivio::Biz::PropertyModel and
Bivio::Biz::ListModel.
The command line utility
b-realm-admin lets you
manipulate realms via the command line, like all
bOP
ShellUtils via APIs:
create_user,
delete_user,
invalidate_password,
join_user, etc.)
|