On Thu, 1 May 2003 01:55:07 +0900 Simon Vandemoortele <deliriousREMOVEUPPERCASETEXTTOREPLY / atchoo.be> wrote: <snip> > Suppose you want to code an addressbook editor. You want it to be based > on *Addressbook* class that can be reused, so that other people may > write their UI on your addressbook format. How do you go about this ? <snip> > _Problem:_ > > All this works wonderfully well but for one thing: once the addressbook > gives a *Contact* (actually a reference to *Contact*) to a client, the > client can modify the *Contact* (that is _inside_ the addressbook) > without the addressbook's knowledge. <snip> I would suggest using Mephle. (Yes, I finally have an 0.7 release prepared, I'll send an announcement this evening. ;) While 0.7 does not have ACLs, 0.8 will. Mephle allows you to create and use objects remotely. This means the client can do this: contact = Get(conn, :contactdb, "/contacts/john-doe") This is now a proxy to the remote object. It will act and behave exactly like that object. However, if you don't want the client doing something (calling a particular method), you merely define an ACL that excludes them from doing so. That way when they try: contact.email = "foo / bar.com" ...a PermissionDenied exception gets raised across the network. Of course, they can procure a _local_copy_ of the object and do whatever they want to it. It's their object now. (Given they would have permissions to acquire a copy---you may not want sensitive data returned.) But, it's a simple and complete solution. -- Ryan Pavlik <rpav / users.sf.net> "Even the shiniest sword could not save us now!" - 8BT