[haiku-web] Re: Community Documentation Collaboration (Was: Add Comunity Project)

  • From: Rémi Grumeau <remi.grumeau@xxxxxxxxx>
  • To: haiku-web@xxxxxxxxxxxxx
  • Date: Wed, 15 Apr 2009 03:40:04 +0200


Le 15 avr. 09 à 03:20, Urias McCullough a écrit :
On Tue, Apr 14, 2009 at 6:09 PM, Jorge G. Mare <koki@xxxxxxxxxxxxx> wrote:
Upon quick inspection, permission settings seemed to have changed from 
what they originally used to be; I don't know if this was by accident
(during the D5 upgrade?) or by design, but anyway here are the user
roles and permissions as originally thought out.

Anonymous user:

   - Access content only

Authenticated user = Anonymous user plus:
- Create conference, doc for user, doc for devs, news post and RFCs 
(all submissions moderated)
   - Edit own content (of above-mentioned types)
   - Post comments

Blogger = Authenticated user plus:

   - Create blog posts
   - Edit own blog posts

Editor = Authenticated user plus:

   - Edit all content types

Dev = Blogger plus:

   - Create & edit all content types

Admin = Dev plus:
- All system notifications (mainly to keep an eye on spam accounts) 

Superadmin (user 1):

   - Full permissions

So, would adding a Moderator role as an almighty editor to the above
meet your needs?


Tiered permissions aren't a terribly great idea, IMO, and tend to
"classify" people into different levels of system-wide trust which I
think is less open-source-like - I think we should go with "additive"
permissions. For example, I had created an Even Admin role which could
be assigned to anyone who was to have admin rights over the
event/conference content... This will allow people (or small groups of
people) to "own" and be responsible for the respective areas of
content on the website as they show interest.

You could have "Bloggers" and "Blog Admins" for example to separate
people who have blogging rights, and people who can moderate/admin
blogs - perhaps this level isn't needed, but it makes for a much more
modular security system when trying to define who has access to what -
by just assigning multiple roles to people, you give them multiple
privileges, rather than choosing a single role based on what level of
access you want them to have.

You would also create for example, a role for "Security Admin" to
delete spammers, change certain roles of users, block accounts, etc,
without giving them implicity administrative access to configure the
website and various modules, etc.

As long as you don't go overboard, this can be extremely manageable.
-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List
Simple question: Since the web team is held by less than 5 active people for now more than 5 years, is there any kind of real issue to discuss here ? It really feels to me that you guys are talking about something that COULD be useful if we were more than a 100 000 daily contributors around the globe on this website ... And it also really feels to me that in the end, the same 5 guys will all be superadmins since it's a hell of a hard time to find someone that have some time to spend here, even for a simple icon redesign... 

Honnestly, am i wrong ?

Remi-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List

Other related posts:

  1. Home
  2. haiku-web
  3. Archive
  4. 04-2009