[development] Early Drupal 6 review from Chris Messina

Larry Garfield larry at garfieldtech.com
Sun Nov 11 01:13:27 UTC 2007

On Saturday 10 November 2007, Josh Koenig wrote:
> >> tweaks and workflow glue for your use-case. Even if you're just
> >> rolling a "blog" or "wiki" install profile, a key part of making it
> >> wildly successful will be giving blog/wiki admins quick and
> >> intuitive access to the tools they need...
> >
> > Can't most of it be achieved with access rules?
> It really depends on your use-case. In simple instances it may be
> possible to create an "Admin" role which you grant limited access to
> Drupal's admin features, reducing the number of choices and potential
> for confusion. However, the way in which these admin features are laid
> out will remain generic and not tailored to the intended use of the
> site.

Another major challenge to that is that permissions in Drupal are still WAY 
too general.  It's too late for Drupal 6 now, but let's make a goal of Drupal 
7 to be much more finely-grained permissions.  (There were several attempts 
at doing so for various parts of D6 that were rejected due to it being too 
late, which I'd love to see revived once HEAD reopens.)  I run into this 
problem constantly when handing sites over to clients, as I can't give 
them "edit all nodes" permission without also giving them access to various 
parts of the admin that they really need to stay out of.  (Yes I can check 
off all of the "edit foo" checkboxes, but they still can't access 
admin/content/node or see unpublished content without the 
over-broad "administer nodes", which gives them permission to edit node 
types, which will break the site in all sorts of exciting ways.)

Let's make eliminating "administer site configuration" a goal for Drupal 
7. :-)

Larry Garfield			AIM: LOLG42
larry at garfieldtech.com		ICQ: 6817012

"If nature has made any one thing less susceptible than all others of 
exclusive property, it is the action of the thinking power called an idea, 
which an individual may exclusively possess as long as he keeps it to 
himself; but the moment it is divulged, it forces itself into the possession 
of every one, and the receiver cannot dispossess himself of it."  -- Thomas 

More information about the development mailing list