Support forums : The Future

what permissions should look like (imho)

The future of this project but not in a "I want a pony" sort of way. This is all about everything meta about Quam Plures. The general direction, the support tools, stuff like that.

Moderator: Dracones

what permissions should look like (imho)

Postby EdB » Mon Aug 01, 2011 5:35 pm

First off, forget about "all groups down, all perms across" and "all users down, all perms across" as a permissions format. No matter how you arrange it it will always lead to an ugly page given enough groups or users. Instead each group or user will have a page for permissions with a shedload of choices & options running down the page.

Okay. So ... step one is that a user's permissions ALWAYS default to the permissions for the group they are in. Unchecking the box for "use group perms" means ONLY user perms are used - no mixing and matching, no "that one might over-ride this one" - either the group or the user, but not both.

Backing up a wee bit, permissions are generally in 2 families. First we have "what can they do or see in the admin side", then they have "what can they do with a blog they are a member of". So our permissions page(s) need to reflect that. Something like this: Basically hit a group's name and you get to ?ctrl=users&grp_ID=1 which shows the global stuff. Unfortunately you have to know to go find ?ctrl=coll_settings&tab=permgroup&blog=6 (assuming that feature is on) to get to group permissions for any given blog. I therefore propose all of those settings be moved to the first page underneath what already is there with a heading of "Assuming blog membership". This way all of our permissions for the group (which by default is all the permissions for any member of that group) is available on one page.

We then need to be able to say if a group or user is a member of any given blog, but that is already covered nicely on the User perms and Group perms page. That means we still need to turn that feature on to have any granular control. But we could do it this way: the group has X permissions and 11 members. blog 12 however only has one member - no groups are members but user 7 is. Or admin group is a member AND user 7.

Streamlining is the thing. I set up a group for new bloggers, which has very little perms and is never a member of a blog by default. A new user joins and gets a blog, of which they and Admin group are the only members. They automagically inherited the "basic users" group perms, which are then applied to the blog they get to post in. I could still get really really granular by turning off "inherit from group" if I wanted to.

Last thought: user levels can allow variance within a group. In other words I could have 4 or 5 bloggers on one blog, and one of them has been elevated via level to "admin" that group. They get to create new cats and delete items (for example), but no one else does. Those perms are defined on the Group setup page (?ctrl=users&grp_ID=1).

The thing is I'm up against the permissions problems again and we just don't have any direction for it ... that I am aware of. So I figure if we kick it around we might find something that works for all players.
EdB
Dracone
User avatar
 
Posts: 2072
Joined: Sun Nov 22, 2009 7:20 am
Location: Maricopa Arizona

Re: what permissions should look like (imho)

Postby Kimberly » Wed Aug 03, 2011 4:03 am

I have not given this much thought. I do know that I have never like the permissions page. I always click on the wrong things a few times before I get to where I need to be to set the permissions I need to set :D .
Kimberly
Dracone
User avatar
 
Posts: 842
Joined: Mon Jul 19, 2010 4:44 pm

Re: what permissions should look like (imho)

Postby EdB » Wed Aug 03, 2011 7:23 am

That sums up what's wrong more than anything I ever could have come up with. Too many clicks required to rediscover what you knew you could do if only it didn't suck so bad.

Then I find that I can't get granular enough on stuff. Like, if I say no read/write/something on media how come they get a folder? And when I say they can how come I can't set any limits? Or how come I have to FTP the images to see if someone is using my server space to host kiddie porn (or whatever)?
EdB
Dracone
User avatar
 
Posts: 2072
Joined: Sun Nov 22, 2009 7:20 am
Location: Maricopa Arizona


Return to The Future

Who is online

Users browsing this forum: No registered users and 2 guests

cron