Restructure user/group permissions (esp. media-related ones)

[Tblue]

The current user permission system is somewhat messy, but the biggest problem is that the blogs' media permissions (for users/groups) are not used to the full extent (actually, I am not sure if they get used at all anymore...). The meaning of the media perms should be made clear, as well as their effects. Permissions which do not get used are useless.

[EdB]

"permissions with do not get used" is kinda open ya know? Like, if they can be used then that should count as used. But for sure I wish I had a clue what the various tick-boxes meant.

BTW a limit on how much and/or many media items any given group (user?) can have needs to be restrictable. As things stand now a registered blogger can basically consider the site as free storage up to whatever limit the actual installation owner has. Seems like a silly thing to me.

[Tblue]

"permissions with do not get used" is kinda open ya know?

Yeah, I meant permissions which do not really restrict/permit something.

As things stand now a registered blogger can basically consider the site as free storage up to whatever limit the actual installation owner has.

Yep, we need to do something about that.

[EdB]

Now that I'm tearing into perms a bit I'm starting to form the opinion that some sleepy coding got into the core way back in the days of old. The meanings of each option are NOT clear - that is simply true and probably not too hard to deal with. But the basics of what one can do actually can work rather nicely.

View (which allows one to also use), Upload (which allows one to view and use), Modify (which allows editing details): all there

DISCLAIMER: I'm looking at other details and observing these - not trying to fix them. One thing that sort of stands out as a need in media is that 'all' and 'edit' for groups->grp_perm_files are effectively the same. To my mind 'edit' should allow renaming and tweaking the extra bits like long description or whatever. 'all' is where one would gain move and copy and delete. Deleting is an aggressive edit! If that is split, which is nothing more than logic, then we probably would want to modify blogusers by adding a bloguser_perm_media_movecopydelete field. Bad name but if we have it in groups then we probably want to modify it in users. Seems to be 'the way' is what I mean.

Anyway I'm close to another push on new_navbar that handles files permissions much better. I did not try to fix the "you get an upload link when you do not have upload permission" because the branch is about the navbar and the bug isn't in the navbar. Can't be hard though. Just check before adding the link.

[EdB]

Sorry to dig up an oldie, and not the oldie I was looking for, but hey what can I say?

In thinking about viewtopic.php?f=23&t=519 , a recalling a discussion about how crappy the whole permissions pages are (groups/users down and perms across or flipped the other way is still a huge mess), and in thinking about putting phpinfo inside the tools->system page with a "close me" icon similar to how tools->scheduler->new job does it, I had a thought for back here.

Assuming advanced stuff turned on, then on either User or Group perms page what if you always had the full list down and the layout be 'simple' like it defaults to. Then if you clicked the 'layout wide' link you get one of those pages with the "close me" icon that says something like "pick 4 using the checkboxes then click here" and THAT page showed a 5-wide table with various permissions going down the page and only 4 users or groups at a time across the page? Then no matter how complicated or granular we make permissions we wouldn't have to squeeze more crap into a table that already blows out the right side of my monitor.

Off topic

I'm kinda curious why all the default users, who are in each of their default groups, get listed as "not member" on the User perms page. Does that actually mean "uses Group perms"? If so shouldn't we change what it says in that one little section?