Rémi Grumeau wrote: > > Le 15 avr. 09 à 03:20, Urias McCullough a écrit : > >> On Tue, Apr 14, 2009 at 6:09 PM, Jorge G. Mare <koki@xxxxxxxxxxxxx> >> wrote: >>> Upon quick inspection, permission settings seemed to have changed from >>> what they originally used to be; I don't know if this was by accident >>> (during the D5 upgrade?) or by design, but anyway here are the user >>> roles and permissions as originally thought out. >>> >>> Anonymous user: >>> >>> - Access content only >>> >>> Authenticated user = Anonymous user plus: >>> >>> - Create conference, doc for user, doc for devs, news post and RFCs >>> (all submissions moderated) >>> - Edit own content (of above-mentioned types) >>> - Post comments >>> >>> Blogger = Authenticated user plus: >>> >>> - Create blog posts >>> - Edit own blog posts >>> >>> Editor = Authenticated user plus: >>> >>> - Edit all content types >>> >>> Dev = Blogger plus: >>> >>> - Create & edit all content types >>> >>> Admin = Dev plus: >>> >>> - All system notifications (mainly to keep an eye on spam accounts) >>> >>> Superadmin (user 1): >>> >>> - Full permissions >>> >>> So, would adding a Moderator role as an almighty editor to the above >>> meet your needs? >> >> Tiered permissions aren't a terribly great idea, IMO, and tend to >> "classify" people into different levels of system-wide trust which I >> think is less open-source-like - I think we should go with "additive" >> permissions. For example, I had created an Even Admin role which could >> be assigned to anyone who was to have admin rights over the >> event/conference content... This will allow people (or small groups of >> people) to "own" and be responsible for the respective areas of >> content on the website as they show interest. >> >> You could have "Bloggers" and "Blog Admins" for example to separate >> people who have blogging rights, and people who can moderate/admin >> blogs - perhaps this level isn't needed, but it makes for a much more >> modular security system when trying to define who has access to what - >> by just assigning multiple roles to people, you give them multiple >> privileges, rather than choosing a single role based on what level of >> access you want them to have. >> >> You would also create for example, a role for "Security Admin" to >> delete spammers, change certain roles of users, block accounts, etc, >> without giving them implicity administrative access to configure the >> website and various modules, etc. >> >> As long as you don't go overboard, this can be extremely manageable. >> ----------------------------------------------------------------------- >> haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List >> > > Simple question: Since the web team is held by less than 5 active > people for now more than 5 years, is there any kind of real issue to > discuss here ? It really feels to me that you guys are talking about > something that COULD be useful if we were more than a 100 000 daily > contributors around the globe on this website ... > And it also really feels to me that in the end, the same 5 guys will > all be superadmins since it's a hell of a hard time to find someone > that have some time to spend here, even for a simple icon redesign... > > Honnestly, am i wrong ? No, I think you are right. :) Cheers, Jorge ----------------------------------------------------------------------- haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List