[development] Deleting Cached Permissions

David Metzler metzlerd at metzlerd.com
Tue Aug 28 14:36:20 UTC 2007


I want users to not get "Access Denied" messages the first time they  
hit a page when LDAP says, you now have permissions to this.   Oh  
yeah, they can just hit refresh, (and jump up turn around and clap  
their hands) in order to avoid the error message.   I just don't  
seeing code that behaves this way.

I like temporary role changes. I think they are better than doing  
things like "become user 1" to perform this operation, because it  
preserves the audit trail.  It also opens the door to letting a user  
temporarily do things without giving them user 1 level context.   So  
I guess we'll disagree on that one.

Either way,  I still think we're talking about his og code and not  
the user_access code that's being talked about.  Why is cache control  
such a bad thing?

Dave

On Aug 27, 2007, at 10:04 PM, Karoly Negyesi wrote:

> I can not imagine any scenario where a temporary role change is a  
> good idea .If it's permanent you can reload Drupal. What are your  
> goals? "use LDAP groups" is a task not a goal. "I want to herd a  
> tribe of gutsy gibbons" now, that's a goal.



More information about the development mailing list