You added some good points to the discussion, however...<br><br><div><span class="gmail_quote">On 12/29/06, <b class="gmail_sendername">Earnie Boyd</b> <<a href="mailto:earnie@users.sourceforge.net">earnie@users.sourceforge.net
</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On 12/28/06, Rob Barreca <<a href="mailto:rob@electronicinsight.com">
rob@electronicinsight.com</a>> wrote:<br>> A bit off-topic and not super critical, but this will also need to spur a<br>> discussion of a more manageable access control page if we have something<br>> like 5 perms for each content type. Is there an issue/any ideas on how to
<br>> simplify the access control page? Or, is a super long matrix format still<br>> the best way to go?<br>><br><br>Let's think it through a bit:<br><br>Read, Create, Delete (RCD)</blockquote><div> </div>Update/edit should be added here
<br><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Self, Group, Others (SGO)</blockquote><div><br>Others could be both members/visitors. I think we should separate them. We should also separate group and roles or merge them completely, see
<a href="http://drupal.org/node/53772#comment-111016">http://drupal.org/node/53772#comment-111016</a>.<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Host, Module, Content (HMC)</blockquote><div><br>What do you mean with "host"? The site in general?<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Admin, Non-Admin (AN)<br><br>Does this cover the access control groupings we need? I.E. Did I miss<br>anything?<br><br>* User with RCDA rights at Host controls all.<br>* User with RCA rights at Host controls all but may not delete or disable.
<br>* User with RCDN rights at Host and RCDA rights at Module (each module<br>is specified) would be able to read, change and delete all content,<br>would not be able to admin (publish or promote) content unless that<br>content was with the RCDA module list. This user also has the ability
<br>to modify the settings that control the Module.<br>* ...<br><br>So how do we apply this to the role we are creating? The view of the<br>role form would need to change so that above groupings become a<br>checkbox group and the form would have a module list box. The user
<br>creating the role would check the values wanted and then select the<br>modules it applys to. The list of modules would include selection for<br><all> modules and would be the default.<br><br>Earnie Boyd<br></blockquote>
</div><br><br clear="all"><br>-- <br>// Johan Forngren<br><br>/**<br> * Email: <a href="mailto:johan@forngren.com">johan@forngren.com</a><br> * www: <a href="http://johan.forngren.com/">http://johan.forngren.com/</a><br> * Skype: forngren
<br> * MSN: <a href="mailto:johan@forngren.com">johan@forngren.com</a><br> * IRC: forngren @ freenode<br> * Jabber/GTalk: <a href="mailto:forngren@gmail.com">forngren@gmail.com</a><br> */