Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
habari-dev
Home
+ new post
Pages
Files
About this group
Join this group
Message from discussion UserGroup
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Michael C. Harris  
View profile  
 More options Jan 27 2008, 9:17 pm
From: "Michael C. Harris" <michael.twof...@gmail.com>
Date: Mon, 28 Jan 2008 13:17:55 +1100
Local: Sun, Jan 27 2008 9:17 pm
Subject: Re: [habari-dev] Re: UserGroup
Reply to author | Forward | Print | View thread | Show original | Report this message | Find messages by this author

On Sun, Jan 27, 2008 at 12:02:17PM -0500, Scott Merrill wrote:

> > there is no current way to create or destory permissions.

> Do folks have any opinion on how to tackle this?  I can see several options:

> 1) The ACL class has static methods to create and destroy permissions:
> ACL::create_permission() and ACL::delete_permission()

> 2) Permissions are created on the fly, as needed.
> $admins->grant('foobar') would create the permisson "foobar" if it
> does not yet exist.  Ostensibly, when no groups use a permission, it
> could be deleted from the permissions table.  This is sub-optimal, and
> does not provide decent support for permission descriptions.

> 3) A new permissions class is created.  This seems a little overkill.

> I _think_ option #1 is the best way forward, but it seems a little
> brittle for reasons I can't articulate.

#1 seems reasonable to me. I would expect ACL::create_permissions() to
return true if the permission exists after the call, regardless of
whether it was created by the call or existed previously. Same for
ACL::delete_permissions, but reverse.

Related musing (that might actually be in favour of #3); do we want to
have some automatically generated permissions, such as
view_status_{type}, publish_status_{type},
publish_content_type_{type}. That way I can have a plugin add a status
or content type and have a bunch of other permissions that
automatically exist. Another advantage of that would be ensuring
consistency of permission naming, so that we minimise the permissions
plugins need to create, and don't end up with view_private,
view_status_foobar, barbaz_can_view etc.

cheers, Michael

--
Michael C. Harris, School of CS&IT, RMIT University
http://twofishcreative.com/michael/blog


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2009 Google