[TYPO3-ect] Solutions for rights management
Elmar Hinz
elmar.DOT.hinz at team.MINUS.red.DOT.net
Tue Jan 10 10:59:42 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Personally I would prefer a combination of ACL and group-based roles:
>
> - Fundamental rights management is done by ACLs using a standard
> implementation like bitmasks.
> - Access is based on group membership not individual accounts for better
> management. We loose flexibility but in my opinion most people who need
> ACLs will vote for groups only (already implemented).
phpBB forum uses 1 person groups to give individual access.
> - Groups can be nested (extensions exist).
Also standard in BE.
> - Access can be given to multiple groups (extensions for the FE exist).
> - For the FE pseudo groups like "logged in" and "not logged in" are a
> good idea (already implemented).
> - To simplify management predefined groups are created on installation
> which reflect typical roles like author, editor, supervisor, admin.
Let's take a scenario out of real life. Imagine an NPO or church with 10
different workgroups each organized by an moderator. We assign one directory
tree to each workgroup. The workgroup members become authors, the moderators
become editors. Authors can edit texts, while editors can also create and delete
pages.
Now imagine someone is a simple member in one workgoup but the moderator of
another. A daily situation. Being in the groups of editors he could create and
delete pages of the workgroup his is not the moderator of.
Do your proposals (group-based roles) cover this sitution?
Roles differ from groups. Someone could get the role of an editor assigned to
his team only.
Well we could set up a subgroup of the TeamA the ModeraterGroupA.
Advantage: We can assign different rights to ModeraterGroupA and ModeraterGroupB.
Disadvantage: We need to configure a ModeraterGroup and an EditorGroup for each
of the 10 team.
With roles only need to configure one ModeratorRole and one EditorRole. They are
repeatedly "assgingned" to the 10 teams. The rights of the moderator would
result of this "assignment". Hi has the EditorRole of TeamA.
Regards
Elmar
- --
Climate change 2006 is killing people: floods in California, drought and fires
in Australia, Texas, Sahel, Oklahoma, South Africa. The Bush administration is
responsible for corruption of the Kyoto Protocol. The US majority is responsible
to the world for reelection of a convictable [...censored by Echelon...].
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDw4WOO976RNoy/18RAlEjAKCUdeglTaHIMG5i1/fcit5LwvMpIgCgksTs
qEPwAWdYnc1jOMcaR87LF0c=
=p2LD
-----END PGP SIGNATURE-----
More information about the TYPO3-team-extension-coordination
mailing list