[drupal-devel] fine grained permissions (was Re: [drupal-docs]
ber at webschuur.com
Thu Oct 13 07:38:32 UTC 2005
Larry triggered something that I had bubbling in my mind for a long time
already: finer grained permissions.
On Thursday 13 October 2005 02:16, Larry Garfield wrote:
> 2) Permissions not fine-grained enough (does "Create" include "change"?)
> I agree completely. We definitely need more fine-grained and descriptive
> permissions. There have been several threads about this recently, but not
> much code. (I wish I had time to write some.) The hard part is finding
> some standard other than "administer", which is a useless word.
What I have in mind is something to introduce a parent/child relation in
$perms->title = 'change book pages';
$perms->parent = 'create book pages';
means that 'change book pages can only be set true in admin if that role has
"create book pages" perms.
I am not referring to the permission on check time: only in the permissions
administer page: the checkboxes would be greyed out for the permissions that
cannot be set.
This will allow for a much finer grained permission handling, but will
immediately solve some of the clutter. Think about flexinode, for example,
where some people would love a per-field permission.
More information about the drupal-devel