| field | value | date |
|---|---|---|
| author | Owen Jacobson <owen.jacobson@grimoire.ca> | 2015-12-09 20:40:42 -0500 |
| committer | Owen Jacobson <owen.jacobson@grimoire.ca> | 2015-12-09 20:40:42 -0500 |
| commit | f82d259e7bda843fb63ac1a0f6ff1d6bfb187099 (patch) | |
| tree | 502ebf27ea72cf8c6025b880bfdb35db00ce8b92 /.html/authnz | |
| parent | 75a219a061b60bb32948b8a2b71c8ccf1dc19a62 (diff) | |
Remove HTML from the project. (We're no longer using Dokku.)
Diffstat (limited to '.html/authnz')

| mode | file | lines |
|---|---|---|
| -rw-r--r-- | .html/authnz/_list.html | 88 |
| -rw-r--r-- | .html/authnz/index.html | 88 |
| -rw-r--r-- | .html/authnz/users-rolegraph-privs.html | 197 |

3 files changed, 0 insertions, 373 deletions
diff --git a/.html/authnz/_list.html b/.html/authnz/_list.html deleted file mode 100644 index c7948ab..0000000 --- a/.html/authnz/_list.html +++ /dev/null @@ -1,88 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title> - The Codex » - ls /authnz - </title> - - <link - rel='stylesheet' - type='text/css' - href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> - <link - rel="stylesheet" - type="text/css" - href="../media/css/reset.css"> - <link - rel="stylesheet" - type="text/css" - href="../media/css/grimoire.css"> -</head> -<body> - -<div id="shell"> - - <ol id="breadcrumbs"> - - <li class="crumb-0 not-last"> - - <a href="../">index</a> - - </li> - - <li class="crumb-1 not-last"> - - <a href="./">authnz</a> - - </li> - - <li class="crumb-2 last"> - - <span class="list-crumb">list</span> - - </li> - - </ol> - - - - <div id="listing"> - <h1><code>ls /authnz</code></h1> - - - - - <div id="pages"> - <h2>Pages</h2> - <ul> - - <li><a href="users-rolegraph-privs">A Users, Roles & Privileges Scheme Using Graphs</a></li> - - </ul> - </div> - - - - </div> - - - - - - - <div id="footer"> - <p> - - The Codex — - - Powered by <a href="http://markdoc.org/">Markdoc</a>. - -<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/authnz">See this directory on Bitbucket</a>. - - </p> - </div> - -</div> -</body> -</html>
\ No newline at end of file diff --git a/.html/authnz/index.html b/.html/authnz/index.html deleted file mode 100644 index c7948ab..0000000 --- a/.html/authnz/index.html +++ /dev/null @@ -1,88 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title> - The Codex » - ls /authnz - </title> - - <link - rel='stylesheet' - type='text/css' - href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> - <link - rel="stylesheet" - type="text/css" - href="../media/css/reset.css"> - <link - rel="stylesheet" - type="text/css" - href="../media/css/grimoire.css"> -</head> -<body> - -<div id="shell"> - - <ol id="breadcrumbs"> - - <li class="crumb-0 not-last"> - - <a href="../">index</a> - - </li> - - <li class="crumb-1 not-last"> - - <a href="./">authnz</a> - - </li> - - <li class="crumb-2 last"> - - <span class="list-crumb">list</span> - - </li> - - </ol> - - - - <div id="listing"> - <h1><code>ls /authnz</code></h1> - - - - - <div id="pages"> - <h2>Pages</h2> - <ul> - - <li><a href="users-rolegraph-privs">A Users, Roles & Privileges Scheme Using Graphs</a></li> - - </ul> - </div> - - - - </div> - - - - - - - <div id="footer"> - <p> - - The Codex — - - Powered by <a href="http://markdoc.org/">Markdoc</a>. - -<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/authnz">See this directory on Bitbucket</a>. - - </p> - </div> - -</div> -</body> -</html>
\ No newline at end of file diff --git a/.html/authnz/users-rolegraph-privs.html b/.html/authnz/users-rolegraph-privs.html deleted file mode 100644 index 79e1bbe..0000000 --- a/.html/authnz/users-rolegraph-privs.html +++ /dev/null 
@@ -1,197 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title> - The Codex » - A Users, Roles & Privileges Scheme Using Graphs - </title> - - <link - rel='stylesheet' - type='text/css' - href='http://fonts.googleapis.com/css?family=Buenard:400,700&subset=latin,latin-ext'> - <link - rel="stylesheet" - type="text/css" - href="../media/css/reset.css"> - <link - rel="stylesheet" - type="text/css" - href="../media/css/grimoire.css"> -</head> -<body> - -<div id="shell"> - - <ol id="breadcrumbs"> - - <li class="crumb-0 not-last"> - - <a href="../">index</a> - - </li> - - <li class="crumb-1 not-last"> - - <a href="./">authnz</a> - - </li> - - <li class="crumb-2 last"> - - users-rolegraph-privs - - </li> - - </ol> - - - - <div id="article"> - <h1 id="a-users-roles-privileges-scheme-using-graphs">A Users, Roles & Privileges Scheme Using Graphs</h1> -<p>The basic elements:</p> -<ul> -<li>Every agent that can interact with a system is represented by a <strong>user</strong>.</li> -<li>Every capability the system has is authorized by a distinct <strong>privilege</strong>.</li> -<li>Each user has a list of zero or more <strong>roles</strong>.<ul> -<li>Roles can <strong>imply</strong> further roles. This relationship is transitive: if - role A implies role B, then a member of role A is a member of role B; if - role B also implies role C, then a member of role A is also a member of - role C. 
It helps if the resulting role graph is acyclic, but it's not - necessary.</li> -<li>Roles can <strong>grant</strong> privileges.</li> -</ul> -</li> -</ul> -<p>A user's privileges are the union of the privileges granted by the transitive -closure of their roles.</p> -<h2 id="in-sql">In SQL</h2> -<pre><code>create table "user" ( - username varchar - primary key - -- credentials &c -); - -create table role ( - name varchar - primary key -); - -create table role_member ( - role varchar - not null - references role, - member varchar - not null - references "user", - primary key (role, member) -); - -create table role_implies ( - role varchar - not null - references role, - implied_role varchar - not null -); - -create table privilege ( - privilege varchar - primary key -); - -create table role_grants ( - role varchar - not null - references role, - privilege varchar - not null - references privilege, - primary key (role, privilege) -); -</code></pre> -<p>If your database supports recursive CTEs, querying this isn't awful, since we -can have the database do all the graph-walking along roles:</p> -<pre><code>with recursive user_roles (role) AS ( - select - role - from - role_member - where - member = 'SOME USERNAME' - union - select - implied_role as role - from - user_roles - join role_implies on - user_roles.role = role_implies.role -) -select distinct - role_grants.privilege as privilege -from - user_roles - join role_grants on - user_roles.role = role_grants.role -order by privilege; -</code></pre> -<p>If not, get a better database. Recursive graph walking with network round -trips at each step is stupid and you shouldn't do it.</p> -<p>Realistic uses should have fairly simple graphs: elemental privileges are -grouped into abstract roles, which are in turn grouped into meaningful roles -(by department, for example), which are in turn granted to users. 
In -PostgreSQL, the above schema handles ~10k privileges and ~10k roles with -randomly-generated graph relationships in around 100ms on my laptop, which is -pretty slow but not intolerable. Perverse cases (interconnected total -subgraphs, deeply-nested linear graphs) can take absurd time but do not -reflect any likely permissions scheme.</p> -<h2 id="what-sucks">What Sucks</h2> -<ul> -<li>Graph theory in my authorization system? It's more likely than you think.</li> -<li>There's no notion of revoking a privilege. If you have a privilege by any - path through your roles, then it cannot be revoked except by removing all of - the paths that lead back to that privilege.</li> -<li>Not every system has an efficient way to compute these graphs.<ul> -<li>PostgreSQL, as given above, has a hard time with unrealistically-deep - nested roles.</li> -</ul> -</li> -</ul> - </div> - - - -<div id="comments"> -<div id="disqus_thread"></div> -<script type="text/javascript"> - /* * * CONFIGURATION VARIABLES: EDIT BEFORE PASTING INTO YOUR WEBPAGE * * */ - var disqus_shortname = 'grimoire'; // required: replace example with your forum shortname - - /* * * DON'T EDIT BELOW THIS LINE * * */ - (function() { - var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true; - dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js'; - (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq); - })(); -</script> -<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript> -<a href="http://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a> -</div> - - - - <div id="footer"> - <p> - - The Codex — - - Powered by <a href="http://markdoc.org/">Markdoc</a>. 
- -<a href="https://bitbucket.org/ojacobson/grimoire.ca/src/master/wiki/authnz/users-rolegraph-privs.md">See this page on Bitbucket</a> (<a href="https://bitbucket.org/ojacobson/grimoire.ca/history-node/master/wiki/authnz/users-rolegraph-privs.md">history</a>). - - </p> - </div> - -</div> -</body> -</html>
\ No newline at end of file |
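Review bot: the first two hunks delete `.html/authnz/_list.html` and `.html/authnz/index.html`, which carry the same blob (`index c7948ab..0000000`) and byte-identical content, both marked "Powered by Markdoc" in the footer, so this is generated output that was committed twice under two names. Removing it is right, but the change would be safer with an ignore rule for `.html/` added alongside, so a later `markdoc build` does not reintroduce the directory; as it stands nothing in this diff prevents that.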
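Review bot: the third hunk removes only the rendered copy of `users-rolegraph-privs`; its footer points at the source, `wiki/authnz/users-rolegraph-privs.md`, which this diff does not touch, and the schema shown there has a defect worth carrying over to the source as a follow-up. `role_implies` declares `implied_role varchar not null` with no `references role` and no primary key, unlike `role_member` and `role_grants`, which both constrain their columns and declare `primary key (role, member)` / `primary key (role, privilege)`. As written, an implied-role edge can name a role that does not exist and the same edge can be inserted repeatedly, which the recursive `user_roles` CTE then walks; adding `references role` and `primary key (role, implied_role)` to that table in the markdown source would close both gaps. The deleted page also loaded its stylesheet and the Disqus embed over plain `http://`, which is moot once the HTML is gone but applies to any regenerated copy.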
