Converted AccessControl.md
diff --git a/AccessControl.wiki b/AccessControl.md
similarity index 71%
rename from AccessControl.wiki
rename to AccessControl.md
index cf677fc..c573ac9 100644
--- a/AccessControl.wiki
+++ b/AccessControl.md
@@ -1,7 +1,4 @@
-#summary Protecting against unauthorized use.
-#labels Importance-Overview,Phase-Requirements,Contents-Draft
-
-==Security==
+## Security
 
 _Melange can only have moderate security..._
 
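Review bot: The two metadata lines removed at the top of this hunk, `#summary Protecting against unauthorized use.` and `#labels Importance-Overview,Phase-Requirements,Contents-Draft`, have no replacement in the Markdown file, so the page loses its one-line summary and its Draft/Requirements status. Suggest carrying the summary over as an opening sentence of the file and noting the draft status there, so readers can still tell this is a draft requirements page.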
@@ -11,39 +8,39 @@
 
 There are also important security issues with regard to html in responses.  A general filter will be in place to prevent, for example, a student's or an organisation's application containing javascript.
 
-==Security Thinking==
+## Security Thinking
 
 Improving our security awareness will also help in other ways.  For example:
 
   * Analysis of logs for 'suspicious activity' will help us be more aware of how Melange is actually being used.  _But logs are hard to get and analyse currently_
   * Becoming more organised about manual testing to test for security issues will help us with other testing too.
-  * Supporting GSoC orgs in their security measures (allowing large orgs to pass PGP keys to verify mentor sign up) will lead to a better Melange in other ways too.  _This was the essential content of Issue 385, a request for an additional text field._
+  * Supporting GSoC orgs in their security measures (allowing large orgs to pass PGP keys to verify mentor sign up) will lead to a better Melange in other ways too.  _This was the essential content of Issue 385 (on Google Code), a request for an additional text field._
 
 The issue of security isn't entirely theoretical.  In 2008 a large number of GSoC organizations were approached by several people whom they 'did not know' asking to be mentors, one of whom may have been trying to impersonate Google's David Anderson, hence the !notme botcommand on #gsoc.
 
 _Edit Hint: Move the two security sections to a new page and keep this page just for ACLs?_
 
-===Some Security Links===
+### Some Security Links
 
-  * [https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices.html US Gvt Software Security "Best Practices"] - Looks a bit long wordy.
-  * [http://code.google.com/p/doctype/wiki/Articles Google's guide to XSS] - Looks very good and to the point.
+  * [US Gvt Software Security "Best Practices"](https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices.html) - Looks a bit long wordy.
+  * [Google's guide to XSS](http://code.google.com/p/doctype/wiki/Articles) - Looks very good and to the point.
 
 
-==Access Model==
+## Access Model
 
 _Different users/roles have different permissions.  They even vary over time._
 
-  # It is probably not possible to fully designate all the permissions and roles up front.  For example, a role as a mentor is not the same as a role as someone-who-is-attending-mentor-summit.  In an umbrella organisation with say > 20 active projects a super admin may have oversight over all proposals and projects for that org, whereas a sub admin might have oversight over more restricted areas.
-  # A clean design factoring separates access rights from page display code.  A proposal is to have a central access control mechanism that, given a field identifier and a request (probably HTTP request) can tell ''for this request'' whether:
+  1. It is probably not possible to fully designate all the permissions and roles up front.  For example, a role as a mentor is not the same as a role as someone-who-is-attending-mentor-summit.  In an umbrella organisation with say > 20 active projects a super admin may have oversight over all proposals and projects for that org, whereas a sub admin might have oversight over more restricted areas.
+  1. A clean design factoring separates access rights from page display code.  A proposal is to have a central access control mechanism that, given a field identifier and a request (probably HTTP request) can tell ''for this request'' whether:
     * The field can be viewed at all.
     * The field is read only.
     * The field can be modified.
 
 It's expected that pages will share some centrally provided formatting routines that automatically choose whether to show a field as an editable or non editable box based on the permissions.
 
-A highly privileged user may drop down to a lower role to see a page as a lower user would see it.  Many pages may be read-only by default, with the option to open an editable view available to sufficiently authorised users.  
+A highly privileged user may drop down to a lower role to see a page as a lower user would see it.  Many pages may be read-only by default, with the option to open an editable view available to sufficiently authorised users.
 
-==Terms of Use==
+## Terms of Use
 
 _Terms-of-Use figure in the access control_
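Review bot: In the second numbered item of the Access Model list, the added line still carries Google Code wiki italics, `''for this request''`, which Markdown renders as literal quote marks. Change it to `_for this request_` to match the underscore emphasis used elsewhere in the file. The converted XSS guide link also keeps its plain `http://code.google.com/p/doctype/wiki/Articles` URL; while the link syntax is being touched, confirm the target still resolves and prefer https if it does.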