Hi Don,
thanks for the blessing!
 using ad hoc roles which extend acs-rels, could
 easily be solved in the permissions system IF object
 types themselves were objects.
Well, that would be a bit more difficult, because these ad-hoc roles depend on the project. So one guy can be a Project Manager of one project (and see everything) and be a tester in another one.
There are two other aspects that proved useful:
- We have integrated these ad-hoc roles with our filestorage
  module. So we can set file access permissions for a
  "tester" or a "full member".
- We also use acs_rels for connecting other business
  objects, such as companies with 1 or more offices, users
  with their companies, invoices with the customer and
  the provider etc. So it's a uniform way of connecting
  objects, and one guy at La Salle is working on a
  graphical object browser (a la "The Brain"):
http://www.kurzweilai.net/brain/frame.html?startThought=Artificial%20Intelligence%20(AI)
Bests,
Frank