[development] access control APIs
Metzler, David
metzlerd at evergreen.edu
Thu Aug 24 22:35:30 UTC 2006
>Once a node is marked 'faculty only', can the student who marked it
still read it? If
>so, will faculty realize that at least one student can read it, despite
the 'faculty
>only' mark?
Yes, that's exactly the behaviour I'm looking for. The student and the
faculty can read it.
I don't think the faculty would have a problem with it, given the
context of the site. The beauty of simple_access is that I can rename
the access group "faculty and author", and the UI problem is solved. :)
I had looked at the node you sent, but I can't quite figure out how to
leverage that function to "override" the "owner has priveliges" part of
the equation. Maybe I'm just being dense, but it sounds like I can
either, implement a node specific interface, or implement a role/group
specific interface.
Do I store the user ID in the GID field in the node_access table? Or is
it safe to fake the group membership just for that node access call?
Thanks,
Dave
More information about the development
mailing list