Forum OpenACS Development: Response to Permissions UI Issues
But maybe the core design team's reasoning was faulty...
<p>Keep in mind that one of the core designers claimed that he didn't understand why people felt that the permissions admin UI was insufficient in the first place! Back in 4.0 which in general had admin UI that was even lamer than we see in 4.2! That shows a rather remarkable lack of insight IMO.
<p>As far as scoping permissions, this idea's actually been floating around in my head for a few weeks now. I'm not yet convinced it is necessary but it would be a far cleaner solution than we see now, and would help with the admin UI clean-up. It may also not be efficiently implementable in both RDBMS's we want to support.
<p>I'm curious about one thing, though ... if the current permissions granularity-by-naming is really useful, isn't the package level a rather stupid place to do it?
Shouldn't OBJECT TYPES each define a suite of permissions unique to the type so you can truly do what you want - control visibility of each base type's data in an inheritance hierarchy?
<p>BTW the fact that package instances can be mounted in multiple places makes context_id for packages virtually useless, not simply "complicated", ISTM! This has been another annoyance percolating in my mind.