Forum OpenACS Development: Re: relational segments: how do you use them

Posted by Randy O'Meara on
Whew! There sure is a great amount of datamodel and pl analytical information in this thread. And I'm beginning to think that I might be able to wend my way through it all.

However, what I'm really interested in is implementing a multi-role system (based on acs-subsite) where I can grant certain rights based on a member's role. I think that the tcl api is what I should use rather than reinventing this wheel. So, given this direction, I would like some help determining exactly what the implementation looks like... described by toolkit tcl calls. Unfortunately, I've searched through the source code (both the 4.6 cvs branch and dotlrn 1) and there are no working examples that I could find. Maybe I can start with what I assume is required to create a single role and grant permissions on the subsite to members in that role.

What I want to do...

Among other roles, I want to create a role called "Community Admin" and associate with it a Main Site registered user "u1" that will have permission to:

  • create and update objects associated with a subsite-aware application that is mounted under this subsite, and
  • accept other Main Site registered users' requests to join this particular community (subsite).

    Since this is all rooted at a subsite and the subsite exists, the subsite Application Group "Community Members" also already exists. Do I need to create any groups in addition to this existing Application Group, or can I just relate a segment of this group into a pseudo-group called "Community Admins" using a relational segment? This setup differs from Tom's in that I really don't require subgroups to further group subsite members.

    There are several parameters that I could use help with (bracketed by ?s below). I'm thinking that the sequence of calls I need to make looks (something) like:

      # Create a rel_type
      set m_rel_type [rel_types::new
          -supertype "membership_rel"
          -role_one ?role_one?
          -role_two ?role_two?
          "adm_rel"                    # rel_type
          "Community Admin"            # pretty_name
          "Community Admins"           # pretty_plural
      # Create a rel_seg
      set m_rel_seg  [rel_segments_new
          -context_id ?context_id?
          -creation_user $user_id
          -creation_ip $peer_addr
          $subsite_app_grp_id          # group_id
          "adm_rel"                    # rel_type
      # Grant permissions
      # How to do this?
    Can you help me fill in the blanks or nudge me in another direction?