The new action security mechanism for sahana - Draft 1.0


The existing security system of Sahana only focuses on data security, hence does not allow a fine grained control to the level of restricting various actions that could be performed by individuals. The new design is intended to provide this level of fine grained control while preserving the existing data sensitivity level security.

How it works

When ever a user tries to execute an action, the security system will check whether the user is permitted to execute that action. This will be done using a security definition which will be available in all the modules.
Each module will have to have a security definition file (similar to the current sec_policy.xml in use) which would be a php file, hence reduces the processing time compared to xml. This file will also eliminate the need of the sec_policy.xml in the time to come.
Each module will have the choice of overriding the framework security, by implementing a callback. This is mainly required for some modules where some actions need to be allowed depending on the user who is logged in and not the user's role. (eg: VM module). The security system will then check whether the current role has data access permission (same as the currenly exisitng security system), in order to provide data sensitivity level security. The administrator may choose to disable this in the administration page.

What the administrator sees

Once the security definition files are in place, the acl administration page will be as follows.

The actions will be on the left most column and the roles will be on the top most row. Each intersection cell will have a checkbox which; if checked would allow the action to the user.

Adding New Roles

The new security system will allow administrators to add new security roles and modify them in addition to the 7 roles are there by default. This would allow customization of module access to users.


The new security system will enable the adminsitrator to have a overall grid view of the percentage of actions available in the module which each role has access to. Furhter he will be able to drill down in to module level an find out which actions are executable for each role.

Entity Relations

The following diagram illustrates the entity relationships that the new security system will use. The entities in red are the ones introduced in the new security architecture.

Flow Chart

The following flow chart illustrates the basic functionality of the new security system.

  • Navigate