Forum OpenACS Development: Response to Permissions UI Issues

Posted by Don Baccus on
<blockquote><i>I was just offering the opinion that the folks who wrote the packages at ArsDigita didn't just pull this off the top of their head to annoy you, maybe they had a reason </i></blockquote>
But maybe the core design team's reasoning was faulty...
<p>Keep in mind that one of the core designers claimed that he didn't understand why people felt that the permissions admin UI was insufficient in the first place!  Back in 4.0 which in general had admin UI that was even lamer than we see in 4.2!  That shows a rather remarkable lack of insight IMO.
<p>As far as scoping permissions, this idea's actually been floating around in my head for a few weeks now.  I'm not yet convinced it is necessary but it would be a far cleaner solution than we see now, and would help with the admin UI clean-up.  It may also not be efficiently implementable in both RDBMS's we want to support.
<p>I'm curious about one thing, though ... if the current permissions  granularity-by-naming is really useful, isn't the package level a rather stupid place to do it?
Shouldn't OBJECT TYPES each define a suite of permissions unique to the type so you can truly do what you want - control visibility of each base type's data in an inheritance hierarchy?
<p>BTW the fact that package instances can be mounted in multiple places makes context_id for packages virtually useless, not simply "complicated", ISTM!  This has been another annoyance percolating in my mind.