[haiku-web] Re: Community Documentation Collaboration (Was: Add Comunity Project)

  • From: Urias McCullough <umccullough@xxxxxxxxx>
  • To: haiku-web@xxxxxxxxxxxxx
  • Date: Tue, 14 Apr 2009 18:20:54 -0700

On Tue, Apr 14, 2009 at 6:09 PM, Jorge G. Mare <koki@xxxxxxxxxxxxx> wrote:
> Upon quick inspection, permission settings seemed to have changed from
> what they originally used to be; I don't know if this was by accident
> (during the D5 upgrade?) or by design, but anyway here are the user
> roles and permissions as originally thought out.
>
> Anonymous user:
>
>    - Access content only
>
> Authenticated user = Anonymous user plus:
>
>    - Create conference, doc for user, doc for devs, news post and RFCs
> (all submissions moderated)
>    - Edit own content (of above-mentioned types)
>    - Post comments
>
> Blogger = Authenticated user plus:
>
>    - Create blog posts
>    - Edit own blog posts
>
> Editor = Authenticated user plus:
>
>    - Edit all content types
>
> Dev = Blogger plus:
>
>    - Create & edit all content types
>
> Admin = Dev plus:
>
>    - All system notifications (mainly to keep an eye on spam accounts)
>
> Superadmin (user 1):
>
>    - Full permissions
>
> So, would adding a Moderator role as an almighty editor to the above
> meet your needs?

Tiered permissions aren't a terribly great idea, IMO, and tend to
"classify" people into different levels of system-wide trust which I
think is less open-source-like - I think we should go with "additive"
permissions. For example, I had created an Event Admin role which could
be assigned to anyone who was to have admin rights over the
event/conference content... This will allow people (or small groups of
people) to "own" and be responsible for the respective areas of
content on the website as they show interest.

You could have "Bloggers" and "Blog Admins" for example to separate
people who have blogging rights, and people who can moderate/admin
blogs - perhaps this level isn't needed, but it makes for a much more
modular security system when trying to define who has access to what -
by just assigning multiple roles to people, you give them multiple
privileges, rather than choosing a single role based on what level of
access you want them to have.

You would also create for example, a role for "Security Admin" to
delete spammers, change certain roles of users, block accounts, etc,
without giving them implicitly administrative access to configure the
website and various modules, etc.

As long as you don't go overboard, this can be extremely manageable.
-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List
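
The two role models discussed in this message, side by side, as an added example that is not part of the original post or the site's configuration. The permission labels paraphrase the thread and are assumptions, not Drupal's own permission strings; `least_tiered_role` is a hypothetical helper that shows what else a tier hands out when only one right is needed.

```python
# Added example. Permission labels paraphrase the thread; they are not
# Drupal's own permission strings.

# Tiered model (quoted list): role -> (parent role, permissions added).
TIERED = {
    "anonymous": (None, {"access content"}),
    "authenticated": ("anonymous", {"create moderated content",
                                    "edit own content", "post comments"}),
    "blogger": ("authenticated", {"create blog posts", "edit own blog posts"}),
    "editor": ("authenticated", {"edit all content"}),
    "dev": ("blogger", {"create all content", "edit all content"}),
    "admin": ("dev", {"system notifications"}),
}

# Additive model (reply): narrow roles, no inheritance between them.
ADDITIVE = {
    "authenticated": {"access content", "create moderated content",
                      "edit own content", "post comments"},
    "blogger": {"create blog posts", "edit own blog posts"},
    "event admin": {"administer event content"},
    "security admin": {"delete spam accounts", "change user roles",
                       "block accounts"},
}

def tiered_permissions(role):
    """Walk the parent chain and collect everything the tier inherits."""
    perms = set()
    while role is not None:
        role, own = TIERED[role]  # step to the parent, keep this tier's rights
        perms |= own
    return perms

def additive_permissions(roles):
    """A user's rights are the union of the roles assigned to them."""
    return set().union(*(ADDITIVE[r] for r in roles))

def least_tiered_role(needed):
    """Smallest tier covering `needed`, plus the rights it grants beyond it."""
    fits = [r for r in TIERED if needed <= tiered_permissions(r)]
    if not fits:
        return None, set()
    best = min(fits, key=lambda r: len(tiered_permissions(r)))
    return best, tiered_permissions(best) - needed

if __name__ == "__main__":
    role, extra = least_tiered_role({"system notifications"})
    print(role, "also grants:", sorted(extra))
    print(sorted(additive_permissions(["authenticated", "security admin"])))
```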
