29 Nov
2007
29 Nov
'07
2:14 p.m.
Quoting Darren Oh <darrenoh@sidepotsinternational.com>:
Giving a permission to the authenticated user and the anonymous users gives it to all roles. If you are speaking of giving a single role all permissions, I would be careful. It would be better for modules to set defaults for their permissions and then change each permission individually.
IMO, the set/unset all function should be applied to created roles at the time of creation only. This solves the issues being discussed. Earnie -- http://for-my-kids.com/ -- http://give-me-an-offer.com/