[haiku-web] Re: Community Documentation Collaboration (Was: Add Comunity Project)
- From: "Jorge G. Mare" <koki@xxxxxxxxxxxxx>
- To: haiku-web@xxxxxxxxxxxxx
- Date: Tue, 14 Apr 2009 19:15:06 -0700
Rémi Grumeau wrote:
>
> Le 15 avr. 09 à 03:20, Urias McCullough a écrit :
>
>> On Tue, Apr 14, 2009 at 6:09 PM, Jorge G. Mare <koki@xxxxxxxxxxxxx>
>> wrote:
>>> Upon quick inspection, permission settings seemed to have changed from
>>> what they originally used to be; I don't know if this was by accident
>>> (during the D5 upgrade?) or by design, but anyway here are the user
>>> roles and permissions as originally thought out.
>>>
>>> Anonymous user:
>>>
>>> - Access content only
>>>
>>> Authenticated user = Anonymous user plus:
>>>
>>> - Create conference, doc for user, doc for devs, news post and RFCs
>>> (all submissions moderated)
>>> - Edit own content (of above-mentioned types)
>>> - Post comments
>>>
>>> Blogger = Authenticated user plus:
>>>
>>> - Create blog posts
>>> - Edit own blog posts
>>>
>>> Editor = Authenticated user plus:
>>>
>>> - Edit all content types
>>>
>>> Dev = Blogger plus:
>>>
>>> - Create & edit all content types
>>>
>>> Admin = Dev plus:
>>>
>>> - All system notifications (mainly to keep an eye on spam accounts)
>>>
>>> Superadmin (user 1):
>>>
>>> - Full permissions
>>>
>>> So, would adding a Moderator role as an almighty editor to the above
>>> meet your needs?
>>
>> Tiered permissions aren't a terribly great idea, IMO, and tend to
>> "classify" people into different levels of system-wide trust which I
>> think is less open-source-like - I think we should go with "additive"
>> permissions. For example, I had created an Even Admin role which could
>> be assigned to anyone who was to have admin rights over the
>> event/conference content... This will allow people (or small groups of
>> people) to "own" and be responsible for the respective areas of
>> content on the website as they show interest.
>>
>> You could have "Bloggers" and "Blog Admins" for example to separate
>> people who have blogging rights, and people who can moderate/admin
>> blogs - perhaps this level isn't needed, but it makes for a much more
>> modular security system when trying to define who has access to what -
>> by just assigning multiple roles to people, you give them multiple
>> privileges, rather than choosing a single role based on what level of
>> access you want them to have.
>>
>> You would also create for example, a role for "Security Admin" to
>> delete spammers, change certain roles of users, block accounts, etc,
>> without giving them implicity administrative access to configure the
>> website and various modules, etc.
>>
>> As long as you don't go overboard, this can be extremely manageable.
>> -----------------------------------------------------------------------
>> haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List
>>
>
> Simple question: Since the web team is held by less than 5 active
> people for now more than 5 years, is there any kind of real issue to
> discuss here ? It really feels to me that you guys are talking about
> something that COULD be useful if we were more than a 100 000 daily
> contributors around the globe on this website ...
> And it also really feels to me that in the end, the same 5 guys will
> all be superadmins since it's a hell of a hard time to find someone
> that have some time to spend here, even for a simple icon redesign...
>
> Honnestly, am i wrong ?
No, I think you are right. :)
Cheers,
Jorge
-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List
Other related posts:
