Creating your own operatives

From Kasai documentation

An operative represents an action a user can perform in your application. Operatives can be performed over concrete objects (for example you can block a user), or over generic objects (for example you can list user groups).

One of the first steps that should be performed during application design is identifying and defining all the operatives that will be restricted using an authorization procedure. Once identified you must insert this operatives catalog in your Kasai database structure.

Kasai comes with all the operatives necessary to manage users, groups and roles. You can review them in one of the database scripts (ie mysql-kasai.sql) that ships with the product.

To create a new operative you need to insert a new row in the kasai_operatives table, specifying an id, a sequence number and a description. For example:

INSERT INTO kasai_operatives (id,sequence,description) VALUES ('kasai.group.user.delete','18','Remove users from a group');

Operatives are defined in a hierarchical fashion, for example if a user is related to a role that has the kasai.group operative, he can perform any operative related to groups (for example kasai.group.delete, kasai.group.block, etc.). Note that if a user has, for example, the kasai.group.delete operative, it doesn't mean he can execute the kasai.group.commit or kasai.group.block operatives.

The id of the operative contains the complete name, as described before, of the operative hierarchy, for example: myapp.customer.delete.

The sequence number indicates the position at which the operative will be displayed in the administrative interface. It's recommended to group all operatives that refer to the same object type consecutively.

The description is used in the administrative interface to provide a more human description of the actions that will be granted to the user when he is related to the operative.