[development] access control APIs

Metzler, David metzlerd at evergreen.edu
Thu Aug 24 22:35:30 UTC 2006


>Once a node is marked 'faculty only', can the student who marked it
still read it?  If 
>so, will faculty realize that at least one student can read it, despite
the 'faculty 
>only' mark?

Yes, that's exactly the behaviour I'm looking for.  The student and the
faculty can read it.  

I don't think the faculty would have a problem with it, given the
context of the site.  The beauty of simple_access is that I can rename
the access group "faculty and author", and the UI problem is solved. :)


I had looked at the node you sent, but I can't quite figure out how to
leverage that function to "override" the "owner has priveliges" part of
the equation.  Maybe I'm just being dense, but it sounds like I can
either, implement a node specific interface, or implement a role/group
specific interface.  

Do I store the user ID in the GID field in the node_access table?  Or is
it safe to fake the group membership just for that node access call? 

Thanks, 

Dave



More information about the development mailing list