Forum OpenACS Development: logical (i.e. site) hierarchy vs. security hierarchy

This is exactly what I was talking about in this thread. Specifically, if these hierarchies are synonymous (identical?), then the context_id settings probably can be made to make sense (with permissions_p's handling of acs_objects.security_inherit_p).

If there are cases where these hierarchies are not identical (or where it is not desired that they be identical) then the scheme may not work. I say may not because there may be a way to get the current design to handle it correctly but I have not figured out the corner cases yet.