Docudo Identity Model

[Kevin H]

While Docudo includes the TG identity framework, little to no work has
yet been put in on getting the various functions of Docudo restricted
to the various users/groups.

Here's what the identity model currently looks like:

Users
====
admin - this user is (or at least should be) automatically created
when the initial install is done
other users - created as needed

Groups
=====
admin - users designated as administrators
editor - users designated as editors (such as members of the docs team
for the TurboGears project)
guest - everyone else, this could be named something else

Permissions
=========
[none currently]

So here are the issues I would like to discuss:

1) Are any other groups needed?
2) What permissions are needed?
3) What users/groups should get what permissions?

Here are some ideas I have for permissions:
- add page
- edit page
- delete page
- make page "official" (maybe expand this to general editing of page
metadata)

- add comment
- edit comment
- delete comment
- approve/moderate comment

- upload media files (images, etc.)
- update media files
- delete media files

- create new "version" within a collection
- create user account (possibly wrap up all user admin tasks)
- administer table of contents
- administer index (for full text search)

- edit welcome page, possibly other "static" docs

I'd be interested in anyone else's feedback. Please sound off!

Kevin Horn