[FLOW3-general] Making context related roles with the security framework

Christian Peters chp at digitale-avantgarde.com
Tue Feb 14 16:30:25 CET 2012 

Hi,

of course I'd like to implement something like that, but I'm still new to
flow3 / typo3 and I guess I'll need some more time to dive in.

Here's what I'm thinking about (e.g. a Use Case).

I was working with the Learning Management System *Moodle* some time ago
and with some other learning management systems. Most of them suffer from
common problems that mature systems have - they exist since PHP 4.x and
carry much old and adjusted code with them (the architecture became
antiquated and unelegant with the years) and they evolved some kind of
featurities (too many stuff that most people don't need but that needs to
be maintained on every release).

I'm thinking about a very simple but modern learning management system that
only ships with the core of  learning management: A course based system.

During my first steps with flow3, I found out that it offers very elegant
solutions to most use cases that where horrible to handle in moodle (namely
through AOP and Signal-Slot Techniques).

Learning Management Systems are about areas where learning material is
provided. The learning materials themself (quiz, forum, scorm modules etc.)
are not part of the core, they are extensions.

A course based system would just consist of very basic stuff:

- user administration
- room administration
- a gradebook (to which learning materials could report results)
- a theme manager
- an extension / plugin manager

The bread and butter is the user and room administration. Rooms maybe added
dynamically (that's why predefining them in the yaml's seems very unelegant
to me) and Users maybe added dynamically to rooms where they can have
dynamic roles. On top of that, roles should be definable by the
administrator - without touching code.

===

Let me give an example.

Imagine a school. There are roles like admin, manager, teacher, pupil.

Admins can do anything.

Managers  can add rooms like "7a Math", "English" or "Theater Group" and
they can enter any room.

A user has the role teacher in 7a Math, is just a pupil in the "Theater
Group" and has no access to the English class.
Another user is pupil in English and in "Theater Group" but Admin in the
Forum (an extension) in the "Theater Group" Room (he can do anything in the
forum).

Now imagine a corporation, that wants to use the same system. They would
have other rules with other rights - and thus the Roles and ACLs must be
configurable from an adminstrator point of view - they must not ship with
the system.

===

More information about the FLOW3-general mailing list