[Typo3-dev] More advanced permissions handling?
Kasper Skårhøj
kasper2004 at typo3.com
Thu Dec 30 23:43:09 CET 2004
What were the suggestions?
I saw what you said about allowed different types of tables in different
DB mounts. That sounds complicated, maybe it isn't that hard to
implement technically but you also have to consider that such an option
- and having to be backwards compatible - will add a bunch of new
options that must be a) documented, b) explained and explained again for
the poor people thinking TYPO3 is already too feature-rich and c)
support for the feature must be incorporated in the "User Admin" module
so adminstrators can easily preview a users permissions.
Go for the "soft permissions" i suggested instead.
This feature doesn't seem to be important enough to spend time on. It
will take a few days to make.
- kasper
On Thu, 2004-12-30 at 22:10, Stig Nørgaard Færch wrote:
> Did you see the other suggestions in the other post?
> In my mind they wouldn't complicate things. And if it would be possible to
> do it as an extension, you could choose to have it or not.
>
> /Stig
>
> > The more types of permissions and the more they overlap and has to be
> > conditionally evaluated the greater is the risk of human error and thus
> > security holes.
> >
> > Another downside is that users will have a hard time to validate if
> > their setup is correct.
> >
> > I think the best you can do is use some of the "soft" ways which is
> > using Page TSconfig to disable certain tables/fields in branches of the
> > tree.
> >
> > - kasper
>
> _______________________________________________
> Typo3-dev mailing list
> Typo3-dev at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev
--
- kasper
----------------
Man søger fred i rigdom, glans og ære
og tænker: Hvad kan hjertet mer begære?
men dybt derinde bor den samme længsel,
og hjertet græder i sit gyldne fængsel.
More information about the TYPO3-dev
mailing list