Forum OpenACS Improvement Proposals (TIPs): Re: Tip #74 Fix general_comments_create permission.

Collapse
Posted by Don Baccus on
Yes, thinking more about it I agree, we may have stumbled on one of those rare instances where private permissions make sense ...

Here's the difference from the garbage cases that litter the tool kit: we have tons of "foo_read" privileges which are in no way a subset of the global "read" privilege. Really just a space and time wasting synonym.

But in this case ... "annotate" is a global concept for a family of related but separate actions, which include "comment", "rate", and "categorize" (at this point in time, any others?). These three actions have different semantics (unlike "foo_read") so logically should exist as separate permissions.

But they're closely related so it makes sense to give them a taxonomic parent.

Does this make sense? If so, that's what I'd like to see us do ... add a global "annotate" to the core set of perms and have gc/gr/categorize add their private perms appropriately so we can have finer-grained control when appropriate.

Thus far I don't see anyone saying these should be children of "create" ... [content] creation and [content] annotation are (IMO) fundamentally different in their semantics and I don't see anyone arguing against that idea.