[development] weight for roles

David Metzler metzlerd at metzlerd.com
Thu Jun 7 18:56:44 UTC 2007


Haven't heard of anything on the dev list since the 5.0 release on  
this topic.   And I read all stuff in the role system cause of some  
access/security modules I work on.

Seems to me that this stuff belongs as a weight to the attributes  
that you're trying to track.  (the quota, profile assingment, etc.)  
and not the role itself.  That is weight, is not really a security  
concept. A tinymce profile could/should have a weight rather than a  
role.  That way the weight doesn't start to mean to many different  
things to many different modules.  I might want to treat tinyMCe  
profiles differently than image dimensions.

Also I would make authenticated user the lowest privilege role and  
then create an elevated permission that is granted when the user  
registers.  You can then revoke this role if you need.


On Jun 7, 2007, at 8:41 AM, ufuk bayburt wrote:

> It would matter when a user has multiple roles and those roles has
> permissions for quantitative values such as max image dimensions, file
> upload quota,(upload module), profile assignment(tinymce) etc. I
> maintain 2 modules both requires role weights. And there are many
> modules around there using roleweights module. It's not a big deal to
> self-implement this for a module but i wonder if there is any
> discussion on including this in core.
>
> On the other hand it may allow to define a user role that is degraded
> form of authenticated user, say restricted user. AFAIK, this is not
> possible with the current role system as it combines the permissions
> of any member role with the authenticated user role. Of course there
> are ways to achieve this.
> Anyway, this was not my point.
> In this topic http://drupal.org/node/68970
> moshe says "this is a dupe, but i can't find the original. most people
> agreed that role weights are needed."
> does anybody know where the original post is?
>
> On 6/7/07, Earnie Boyd <earnie at users.sourceforge.net> wrote:
>> Quoting ufuk bayburt <ufukbay at gmail.com>:
>>
>> > is there an ongoing discussion or progress on role weights in core?
>> >
>>
>> How would applying a weight to roles matter?  The user access is the
>> combination of all roles given to the user.
>>
>> Earnie
>>



More information about the development mailing list